Infrastructure:Networking

From Reverse Space Wiki

Information Mogul: Derek

ASCII Network Diagram GO!

/^^^^^^^^^^^^^^^^^^^\
|   The Internet    |
\vvvvvvv | vvvvvvvvv/
         | 
         | Reversespace's connection (IP TBD)
         |
Cronos ->H ---------------X
         |     DMZ        |
Internal |                H OpenVPN server
         |                |
         |              CyberWar
         |              Center
  /------X-----H
  | TBD Net | WAP
  |  Wired  |
  \---------/


Details about connection available through Cronos

  • The incoming connection allows only SSH traffic and ESTABLISHED connections
  • The DMZ has full NAT access to the internet connection
  • The Trusted network may access the listed services from Cronos
  • The Trusted network may pass ICMP, HTTP, HTTPS, and SSH traffic out to the internet
  • The Trusted network may pass SSH traffic to the DMZ
  • The wireless access point bridges wireless and wired traffic

Services available:

  • DNS - forwarding requests, as well as hostnames for services
  • DHCP - passing local gateway and DNS server information
  • LDAP - Currently unused, will allow domain logins
  • RADIUS - Providing 802.1x auth and acct for WAP
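
One way to express the connection rules and the listed services as an nftables ruleset. This is an added example, not Cronos's actual configuration: the choice of nftables, the interface names wan0, dmz0 and lan0, the standard service ports, and inbound SSH terminating on Cronos itself are all assumptions.

```nft
#!/usr/sbin/nft -f
# Added example; not the real Cronos ruleset.
# Assumed interfaces: wan0 = internet, dmz0 = DMZ, lan0 = Trusted net (wired + bridged WAP).
flush ruleset

define WAN = "wan0"
define DMZ = "dmz0"
define LAN = "lan0"

table inet cronos {
    chain input {
        # Traffic addressed to Cronos itself; anything not listed is dropped.
        # IPv6 falls through to the drop policy: the page lists no IPv6 rules.
        type filter hook input priority filter; policy drop;
        ct state established accept     # page lists ESTABLISHED only, so no "related"
        ct state invalid drop
        iifname "lo" accept
        # Incoming connection: SSH only (assumed to terminate on Cronos)
        iifname $WAN tcp dport 22 accept
        # Trusted net -> services on Cronos (standard ports assumed)
        iifname $LAN udp dport { 53, 67, 1812, 1813 } accept   # DNS, DHCP, RADIUS auth/acct
        iifname $LAN tcp dport { 53, 389 } accept              # DNS over TCP, LDAP
    }

    chain forward {
        # Traffic routed between zones; anything not listed is dropped.
        type filter hook forward priority filter; policy drop;
        ct state established accept
        ct state invalid drop
        # DMZ -> internet: full access
        iifname $DMZ oifname $WAN accept
        # Trusted -> internet: ICMP, HTTP, HTTPS and SSH only
        iifname $LAN oifname $WAN ip protocol icmp accept
        iifname $LAN oifname $WAN tcp dport { 22, 80, 443 } accept
        # Trusted -> DMZ: SSH only
        iifname $LAN oifname $DMZ tcp dport 22 accept
    }
}

table ip cronos_nat {
    chain postrouting {
        # NAT everything leaving via the internet connection
        type nat hook postrouting priority srcnat; policy accept;
        oifname $WAN masquerade
    }
}
```

Running `nft -c -f` on the file parses and validates the ruleset without loading it. Because both filter chains default to drop, a flow that is not in the lists above (for example DMZ to Trusted) is denied without needing its own rule.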

Services needed:

  • HTTP - To be put on the DMZ, if desired
  • NAS - Allow local storage on the Trusted Net, tied in with domain accounts