From base48
Jump to: navigation, search

The concept here is to organize the network infrastructure we already have in base.

Current status

(neighbornet)              (upc)
      |                      |eth1
+---------------+       +---------------+
|uplink(offline)|       |   carambola2  |--(wlan)
+---------------+       +---------------+
               |                   |eth0
               |                Gi1|     
              +-----------+      +---------------+
              |   switch  |------|Linksys SRW2024|
              +-----------+  Gi24+---------------+
                  |   |
                  |  +------+
            (lan)-/  |voyage|


  • essid dlink1337, channel 5, 802.11b/g (not working)
  • essid dlink31337, channel 1, 802.11g
  • essid base48, channel 11, 802.11ng
  •, 2a01:8c00:ffc7:1337::/64
  • L2/3 Linksys SW, telnet, ssh, http, https (user admin)
  • voyage.lan dhcp, AP:dlink31337, ssh and http
  • carambola2 active gateway/nat, AP:base48(same key), ssh, https, openvpn, 6in4
  • uplink.lan inactive gateway/nat, ssh

We hope to have a better utilization of available internet connections, with load balancing when possible, strong wifi signal all over the base and as many services as possible.

carambola2 now serves as openvpn server. Offers IPs from to 249. If anyone needs access can contact me or if he has access to carambola2 can create the keys at the /etc/easy-rsa/ folder. --Trendy (talk) 12:53, 26 May 2013 (CEST)

carambola2 now serves as 6in4 router to static tunnel to ignum pop, which replaces voyage's aiccu tunnel. Voyage still works, but no longer sends router advertisements. --Klubko (talk) 09:50, 1 June 2013 (CEST)

Linksys SW unfortunately only works as a single VLAN L2 switch.

Hot-swapped the Carambola with another one, running the latest Openwrt trunk r37892. We have new wan ip, need update in Sixxs. --Trendy (talk) 21:41, 5 September 2013 (CEST)

Updated script for SSH brute force protection in Carambola2. Firewall rules in /etc/firewall.user and script in /root/bin/ . Leasefile with blocked IPs in /root/dropBrute.leases --Trendy (talk) 20:34, 21 October 2014 (CEST)