Docs/Switches: Difference between revisions

Latest revision as of 21:41, 29 September 2025

For Layer 1 network details, see Docs/Cables.

For Layer 3 network details, see Docs/OPNSense.

VLANs

Network	VLAN ID
Management	1
LAN	2
kubernetes	30
WAN	640

Switch Ports

Fiber switch:

Switch port	Client	Client port	VLAN 1 (Mgmt.)	VLAN 2 (LAN)	VLAN 30 (???)	VLAN 640 (WAN)
1	Shell		Excluded	Untagged	Excluded	Excluded
2	Storage		Excluded	Untagged	Excluded	Excluded
3	Mirrors		Excluded	Untagged	Excluded	Excluded
4	Kurisu		Excluded	Untagged	Excluded	Excluded
5	Okabe		Excluded	Untagged	Excluded	Excluded
6	Daru		Excluded	Untagged	Excluded	Excluded
7	Mayuri		Excluded	Untagged	Excluded	Excluded
8	Luka		Excluded	Untagged	Excluded	Excluded
9	Watch		Excluded	Untagged	Excluded	Excluded
10	N/A		Excluded	Untagged	Excluded	Excluded
11	ravioli	ix1 (left SFP)	Tagged	Tagged	Excluded	Excluded
12	lasagna		Tagged	Tagged	Excluded	Excluded
13	48 Port	Port 45	Tagged	Tagged	Excluded	Excluded
14	48 Port	Port 46	Tagged	Tagged	Excluded	Excluded
15	48 Port	Port 47	Tagged	Tagged	Excluded	Excluded
16	48 Port	Port 48	Tagged	Tagged	Excluded	Excluded

Ethernet switch:


Switch port	Client	Client port	VLAN 1 (Mgmt.)	VLAN 2 (LAN)	VLAN 30 (???)	VLAN 640 (WAN)
1			Excluded	Excluded	Excluded	Untagged
2			Excluded	Excluded	Excluded	Untagged
3			Excluded	Excluded	Excluded	Untagged
4			Excluded	Excluded	Excluded	Untagged
5	Lasagna	bge0	Excluded	Excluded	Excluded	Untagged
6	Mirrors		Excluded	Excluded	Excluded	Untagged
7	Shell		Excluded	Excluded	Excluded	Untagged
8			Excluded	Excluded	Excluded	Untagged
9	Ravioli?		Excluded	Excluded	Excluded	Untagged
10			Excluded	Excluded	Excluded	Untagged
11			Excluded	Excluded	Excluded	Untagged
12			Excluded	Excluded	Excluded	Untagged
13	Lasagna	igb3	Untagged	Tagged	Tagged	Excluded
14			Untagged	Excluded	Excluded	Excluded
15			Untagged	Excluded	Excluded	Excluded
16			Untagged	Excluded	Excluded	Excluded
17			Untagged	Excluded	Excluded	Excluded
18			Untagged	Excluded	Excluded	Excluded
19			Untagged	Excluded	Excluded	Excluded
20			Untagged	Excluded	Excluded	Excluded
21			Untagged	Excluded	Excluded	Excluded
22			Untagged	Excluded	Excluded	Excluded
23			Untagged	Excluded	Excluded	Excluded
24			Untagged	Excluded	Excluded	Excluded
25			Untagged	Excluded	Excluded	Excluded
26			Untagged	Excluded	Excluded	Excluded
27	Shell		Excluded	Untagged	Tagged	Excluded
28	Storage		Excluded	Untagged	Tagged	Excluded
29	Kurisu		Excluded	Untagged	Tagged	Tagged
30	Okabe		Excluded	Untagged	Tagged	Tagged
31	Daru		Excluded	Untagged	Tagged	Tagged
32	Luka		Excluded	Untagged	Tagged	Tagged
33	Mayuri		Excluded	Untagged	Tagged	Tagged
34			Excluded	Untagged	Tagged	Excluded
35			Excluded	Untagged	Tagged	Tagged
36			Excluded	Untagged	Tagged	Tagged
37			Excluded	Untagged	Tagged	Tagged
38			Excluded	Untagged	Tagged	Tagged
39			Excluded	Untagged	Tagged	Excluded
40			Excluded	Untagged	Tagged	Excluded
41			Excluded	Untagged	Tagged	Excluded
42			Excluded	Untagged	Tagged	Excluded
43			Excluded	Untagged	Tagged	Excluded
44			Excluded	Untagged	Tagged	Excluded
45	12 port	Port 13	Untagged	Tagged	Tagged	Excluded
46	12 port	Port 14	Untagged	Tagged	Tagged	Excluded
47	12 port	Port 15	Untagged	Tagged	Tagged	Excluded
48	12 port	Port 16	Untagged	Tagged	Tagged	Excluded
49			Excluded	Excluded	Excluded	Excluded
50			Untagged	Excluded	Excluded	Excluded
51	MTU UP 1	MTU	Excluded	Excluded	Excluded	Tagged
52	MTU UP 2	MTU	Excluded	Excluded	Excluded	Tagged

WAN

Our WAN is a LAGG across two ports. The link needs LACP enabled ("Static mode" off in 1Gb Ubiquiti Switch) [1], and STP off.

IT configures their switches to automatically shut off ports if they detect STP advertisements.

Reference commands to make a Cisco switch satisfy the requirements:

(config-if)# spanning-tree bpdufilter enable
(config-if)# spanning-tree bpduguard disable

@@ Line 1: / Line 1: @@
 [[Docs|<small>~/Docs</small>]]
+'''For Layer 1 network details, see [[Docs/Cables]].'''
-Our firewall/router runs [https://www.pfsense.org/ pfSense], soon to be migrated to [https://opnsense.org/ OPNsense].
+'''For Layer 3 network details, see [[Docs/OPNsense|Docs/OPNSense]].'''
-All IP addressing of servers and virtual machines happens through DHCP, and can be viewed in the pfSense 'DHCP Leases' tab. (except Proxmox nodes, which don't support DHCP and require static addressing)
+== VLANs ==
-Otherwise, most configuration can be viewed by poking around the web interface.
+{| class="wikitable"
+!Network
+!VLAN ID
+|-
+|Management
+|1
+|-
+|LAN
+|2
+|-
+|kubernetes
+|30
+|-
+|WAN
+|640
+|}
-== Switches ==
+== Switch Ports ==
+Fiber switch:
+{| class="wikitable"
+!Switch port
+!Client
+!Client port
+!VLAN 1 (Mgmt.)
+!VLAN 2 (LAN)
+!VLAN 30 (???)
+!VLAN 640 (WAN)
+|-
+|1
+|Shell
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|2
+|Storage
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|3
+|Mirrors
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|4
+|Kurisu
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|5
+|Okabe
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|6
+|Daru
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|7
+|Mayuri
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|8
+|Luka
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|9
+|Watch
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|10
+|N/A
+|
+|Excluded
+|Untagged
+|Excluded
+|Excluded
+|-
+|11
+|ravioli
+|ix1 (left SFP)
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|-
+|12
+|lasagna
+|
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|-
+|13
+|48 Port
+|Port 45
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|-
+|14
+|48 Port
+|Port 46
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|-
+|15
+|48 Port
+|Port 47
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|-
+|16
+|48 Port
+|Port 48
+|Tagged
+|Tagged
+|Excluded
+|Excluded
+|}
+Ethernet switch:
+{| class="wikitable"
+|+
+!Switch port
+!Client
+!Client port
+!VLAN 1 (Mgmt.)
+!VLAN 2 (LAN)
+!VLAN 30 (???)
+!VLAN 640 (WAN)
+|-
+|1
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|2
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|3
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|4
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|5
+|Lasagna
+|bge0
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|6
+|Mirrors
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|7
+|Shell
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|8
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|9
+|Ravioli?
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|10
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|11
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|12
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Untagged
+|-
+|13
+|Lasagna
+|igb3
+|Untagged
+|Tagged
+|Tagged
+|Excluded
+|-
+|14
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|15
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|16
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|17
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|18
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|19
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|20
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|21
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|22
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|23
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|24
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|25
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|26
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|27
+|Shell
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|28
+|Storage
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|29
+|Kurisu
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|30
+|Okabe
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|31
+|Daru
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|32
+|Luka
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|33
+|Mayuri
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|34
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|35
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|36
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|37
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|38
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Tagged
+|-
+|39
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|40
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|41
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|42
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|43
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|44
+|
+|
+|Excluded
+|Untagged
+|Tagged
+|Excluded
+|-
+|45
+|12 port
+|Port 13
+|Untagged
+|Tagged
+|Tagged
+|Excluded
+|-
+|46
+|12 port
+|Port 14
+|Untagged
+|Tagged
+|Tagged
+|Excluded
+|-
+|47
+|12 port
+|Port 15
+|Untagged
+|Tagged
+|Tagged
+|Excluded
+|-
+|48
+|12 port
+|Port 16
+|Untagged
+|Tagged
+|Tagged
+|Excluded
+|-
+|49
+|
+|
+|Excluded
+|Excluded
+|Excluded
+|Excluded
+|-
+|50
+|
+|
+|Untagged
+|Excluded
+|Excluded
+|Excluded
+|-
+|51
+|MTU UP 1
+|MTU
+|Excluded
+|Excluded
+|Excluded
+|Tagged
+|-
+|52
+|MTU UP 2
+|MTU
+|Excluded
+|Excluded
+|Excluded
+|Tagged
+|}
 === WAN ===
@@ Line 18: / Line 599: @@
 (config-if)# spanning-tree bpduguard disable
 </syntaxhighlight>
-=== Internal VLANs ===
-<describe vlan config>