Warszawski Hackerspace

User Tools

Site Tools

You are here: start » projects » hswan
Trace:
projects:hswan

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
projects:hswan [2014/09/28 20:16] q3kprojects:hswan [2023/11/08 20:44] (current) wiktor
Line 1: Line 1:
 ====== hswan ====== ====== hswan ======
 +
 +**Status**: Dead and archived for posterity. It might come dead for a v2. Ask q3k.
  
 [[people:q3k:start]]'s pipedream of an intra-Hackerspace (and not only) alternate IP network, based on point-to-point links and BGP. Currently centered around the Warsaw Hackerspace. [[people:q3k:start]]'s pipedream of an intra-Hackerspace (and not only) alternate IP network, based on point-to-point links and BGP. Currently centered around the Warsaw Hackerspace.
Line 13: Line 15:
 ===== Number Assignement ===== ===== Number Assignement =====
  
-Currently, there is one assignement authority, and that is the Warsaw Hackerspace. For assignement, please contact bofh@hackerspace.pl.+Currently, there is one assignment authority, and that is the Warsaw Hackerspace. For assignment, please contact bofh@hackerspace.pl.
  
 ==== ASN ==== ==== ASN ====
Line 19: Line 21:
 We use the 32-bit private ASN numbering scheme, as defined by RFC6996. Each system that is part of the WAN must have an AS number assigned. We use the 32-bit private ASN numbering scheme, as defined by RFC6996. Each system that is part of the WAN must have an AS number assigned.
  
-^ ASN        ^ OrgName            ^ PoC                 ^ Physical presence                +^ ASN        ^ OrgName            ^ PoC                      ^ Physical presence           ^ Willing to peer physically?            
-| 4242424242 | Warsaw Hackerspace | bofh@hackerspace.pl      | Warsaw, Długa 44/50         +| 4242424242 | Warsaw Hackerspace | bofh@hackerspace.pl      | Warsaw, ul. Wolność 2A  | Yes. Radio within LoS
-| 4250000001 | q3knet             | q3k@q3k.org              | //none//                    +| 4250000001 | q3knet             | q3k@q3k.org              | Garching, Bayern, Germany   | Maybe? Freifunk MUC?                   
-| 4250000002 | Hackerspace Krakow | noc@hackerspace-krk.pl | Cracow, Radziwiłłowska 20/+| 4250000002 | Hackerspace Krakow | noc@hackerspace-krk.pl   | Cracow, Zacisze 5/P1        | Probably ;)                            
-==== IPv4 ====+| 4250000003 | Dragon Sector      | noc@drgns.pl             | n/a (Internet)              | No.                                    | 
 +| 4250000004 | Nibylandia         | ar@bash.org.pl           | Warsaw, ul. ?                                                      | 
 +| 4250000005 | _lambdarail_       | lquawl@hackerspace.pl    | Warsaw, ul. Jaktorowska                                            | 
 +| 4250000006 | pidpawel           | abuse@pidpawel.eu        | Kraków, Ruczaj              | Yes.                                   | 
 +| 4242422001 | buka               | enki@fsck.pl             | Warsaw                      |                                        | 
 +| 4250000008 | dfgg               | dfgg@hackerspace.pl      | Bydgoszcz                   | Currently no.                          | 
 +| 4250000009 | archnet            | on demand via q3k@hspl   | Warsaw                      |                                        | 
 +| 4250000010 | hskrk-mciancia                              | Kraków                      |                                        |  
 +| 4250000011 | aquila             | mlen@mlen.pl             | Jelenia Góra                |                                        | 
 +| 4250000012 | googlecloud        | q3k@q3k.org              | THE CLOUD                                                          | 
 +| 4250000013 | tog                | admin@tog.ie             | Blackpitts, Dublin          | Yes.                                   | 
 +| 4250000014 | hskrk-wiktor       | wiktor@hackerspace-krk.pl | Kraków, ul. Kluzeka         | sure, will try mesh soon               |  
 +| 4250000015 | tkd                | tomek@hackerspace.pl     | Kallang Road, Singapore     | No.                                    |  
 +| 4250000016 | hskrk-alwaro       | alwaronx@gmail.com       | Kraków                      |                                        |  
 +| 4250000017 | finitestate.solutions       | fss@finitestate.solutions       | Warsaw, ul. Wolność 2A                       | Yes.                                       |  
 +| 4250000018 | hsldz              | lodz@lists.hackerspace.pl | Łódź | | 
 +| 4250000019 | hswro              | wiktor@hackerspace-krk.pl | Wrocław | yup | 
 +| 4250000020 | hskrk-zagura       | | |
  
-We use the 16-bit RFC1918 pool. When we run out, we'll figure out what to do. Bear in mind, a location can use IPv4 outside this pool (or overlapping), but they will need to be NATted.+ 
 +==== IPv4 Addresses ==== 
 + 
 +We use the 24-bit RFC1918 pool. When we run out, we'll figure out what to do. Bear in mind, a location can use IPv4 outside this pool (or overlapping), but they will need to be NATted.
  
 ^ Prefix       ^ OrgName            ^ NetName    ^ ^ Prefix       ^ OrgName            ^ NetName    ^
 | 10.8.0.0/14  | Warsaw Hackerspace | hswawnet01 | | 10.8.0.0/14  | Warsaw Hackerspace | hswawnet01 |
 | 10.12.0.0/16 | Hakerspace Krakow  | hskrknet01 | | 10.12.0.0/16 | Hakerspace Krakow  | hskrknet01 |
 +| 10.13.0.0/16 | Dragon Sector      | dsnet01    |
 +| 10.14.0.0/16 | hsldz              | hsldz01    |
 +| 10.21.0.0/16 | dfgg               | hurrdurr01 |
 +| 10.23.0.0/16 | pidpawel           | pidnet01   |
 +| 10.24.10.0/24 | Nibylandia        | nbland01   |
 +| 10.24.20.0/24 | Nibylandia        | nbland02   |
 +| 10.24.250.0/24 | Nibylandia       | nbland03   |
 +| 10.25.0.0/16 | _lamdarail_        | lbrail01   |
 +| 10.26.0.0/16 | archnet            | archnet01  |
 +| 10.30.0.0/24 | googlecloud        | googlecloud-euwest1 |
 +| 10.30.1.0/24 | googlecloud        | googlecloud-uscentral1 |
 +| 10.42.0.0/16 | hskrk              | hskrk-members  |
 +| 10.42.0.0/20 | hskrk-wiktor       | hskrk-wiktor   |
 +| 10.42.16.0/20| hskrk-mciancia     | hskrk-mciancia |
 +| 10.42.32.0/20| hskrk-alwaro       | hskrk-alwaro |
 +| 10.42.48.0/20| hskrk-zagura       | hskrk-zagura |
 +| 10.44.0.0/16 | hswro              | hswro01    |
 +| 10.48.0.0/16 | tog                | tog01      |
 +| 10.50.0.0/24 | tkd                | xibalba    |
 | 10.78.0.0/24 | q3knet             | q3knet01   | | 10.78.0.0/24 | q3knet             | q3knet01   |
 +| 10.78.1.0/24 | q3knet             | q3knet02   |
 +| 10.78.2.0/24 | q3knet             | q3knet03   |
 +| 10.99.0.0/24 | BUKA               | BUKA-HSWAN-NET    |
 +| 10.100.0.0/23 | aquila | aquila01 |
 +| 10.110.0.0/16 | finitestate.solutions | fss00 |
 +| 172.20.171.64/26 | BUKA               | BUKA-DN42-NET    |
  
-==== IPv6 ====+==== IPv6 Addresses ====
  
 We need to figure this out soon. We need to figure this out soon.
Line 38: Line 85:
 ===== Security Implications ===== ===== Security Implications =====
  
-Since we model the current working of the Internet, security is mostly by trust. This means that, if you join hswan, you should take precautions by securing your local network. Remember to:+Since we base off the technology stack of the Internet, security is mostly by trust. This means that, if you join hswan, you should take precautions by securing your local network. Remember to:
  
   * Make sure to only expose services that you would feel comfortable with being directly on the Internet, so   * Make sure to only expose services that you would feel comfortable with being directly on the Internet, so
Line 63: Line 110:
   * Allowing propagation of hijacked prefixes and ASN announcements are ground for automatic termination of connectivity   * Allowing propagation of hijacked prefixes and ASN announcements are ground for automatic termination of connectivity
  
 +===== Compared to ChaosVPN =====
 +
 +[[people:q3k:start]] does not really enjoy the idea of being locked into one piece of software. Everything speaks BGP, and the physical link choice is left for the peers to decide (OpenVPN/IPSec/ATM/MPLS/CAT6/Fiber/Radio...).
 +
 +Also, hswan is more fun and less secure.
 +
 +===== Compared to dn42 =====
 +
 +Same concept - hswan was conjured up before q3k was aware of dn42.
 +
 +hswan is also compatible with the HSWAW address space and has more blocks available... for now.
  
 ====== hswan @ hswaw ====== ====== hswan @ hswaw ======
Line 69: Line 127:
  
   * DNS for waw.hackerspace.pl: 10.8.1.2   * DNS for waw.hackerspace.pl: 10.8.1.2
-  * NAS (for access talk to our BOsFH): 10.8.1.24 +  * <del>NAS (for access talk to our BOsFH): 10.8.1.24</del> 
-  * Our [[projects:cloud|private cloud / virtualization service]] (register an account with our BOsFH first) +  * <del>Our [[projects:cloud|private cloud / virtualization service]] (register an account with our BOsFH first)</del> 
-  * A Minecraft server managed by [[people:enleth:start]]: 10.11.1.24+  * <del>A Minecraft server managed by [[people:elia:start]]: 10.11.1.24</del>
  
 If you are @HSWAW, you are in HSWAN! Your laptop is statefully firewalled (only outgoing connections are allowed), don't worry. Additionally, if you host anything in our Lab, it will be accessible to people from the WAN. If you are @HSWAW, you are in HSWAN! Your laptop is statefully firewalled (only outgoing connections are allowed), don't worry. Additionally, if you host anything in our Lab, it will be accessible to people from the WAN.
 +
 +
 +====== „pictures of hswan” ======
 +
 +==== dfgg ====
 +
 +{{:projects:s9retqj.jpg?direct&300|}}
 +
 +  * 15:49 < dfgg> oto moja koncowka hswanu xD
 +  * 15:49 < q3k> quality xD
 +
 +==== q3k ====
 +
 +{{:projects:lackrack.jpg?direct300|}}
 +
 +Lackrack. Seal of approval included.
 +
 +{{:projects:seal.jpg?200|}}
projects/hswan.1411935382.txt.gz · Last modified: 2014/09/28 20:16 by q3k
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki