Docs/Switches: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 8: | Line 8: | ||
== Switches == |
== Switches == |
||
=== WAN === |
|||
Our WAN is a LAGG across two ports. The link needs '''LACP enabled''' ("Static mode" '''off''' in 1Gb Ubiquiti Switch) [https://www.reddit.com/r/Ubiquiti/comments/7xs70n/lag_dynamic_vs_static/duauolg/], and '''STP off'''. |
Our WAN is a LAGG across two ports. The link needs '''LACP enabled''' ("Static mode" '''off''' in 1Gb Ubiquiti Switch) [https://www.reddit.com/r/Ubiquiti/comments/7xs70n/lag_dynamic_vs_static/duauolg/], and '''STP off'''. |
||
IT configures their switches to automatically shut off ports if they detect STP advertisements. |
IT configures their switches to automatically shut off ports if they detect STP advertisements. |
||
Reference commands to make a Cisco switch satisfy the requirements:<syntaxhighlight lang="text"> |
|||
(config-if)# spanning-tree bpdufilter enable |
|||
(config-if)# spanning-tree bpduguard disable |
|||
</syntaxhighlight> |
|||
=== Internal VLANs === |
|||
<describe vlan config> |
<describe vlan config> |
||
Revision as of 08:41, 23 April 2025
Our firewall/router runs pfSense, soon to be migrated to OPNsense.
All IP addressing of servers and virtual machines happens through DHCP, and can be viewed in the pfSense 'DHCP Leases' tab. (except Proxmox nodes, which don't support DHCP and require static addressing)
Otherwise, most configuration can be viewed by poking around the web interface.
Switches
WAN
Our WAN is a LAGG across two ports. The link needs LACP enabled ("Static mode" off in 1Gb Ubiquiti Switch) [1], and STP off.
IT configures their switches to automatically shut off ports if they detect STP advertisements.
Reference commands to make a Cisco switch satisfy the requirements:
(config-if)# spanning-tree bpdufilter enable
(config-if)# spanning-tree bpduguard disable
Internal VLANs
<describe vlan config>