Revision as of 16:18, 8 December 2008

Network Connection in the NDPF

The configuration files and the source to the generated ACLs is in subversion at https://ndpfsvn.nikhef.nl/repos/ndpf/nl.nikhef.ndpf.config/routers/. Use your farm username and password (if you're authorized to begin with, i.e. are a member of the NDPFAdministrators directory group to get access, or check out from SVN using ssh.

To view actual bandwidth usage, Cricket graphs are available at http://www.dutchgrid.nl/ndpf/cricket/grapher.cgi (or on salado, the network management host, if you are within the Nikhef domain).

VLAN Identification and network naming

Colour coding: red is in use on deel, green is in use on nikgrid, and thus yellow is in use on both ...

**VLAN Table**
VLAN ID	logicalName	Description
2	p4ctb	Limited Access VL-e and BiGGrid P4 Certification Test Bed
3	public-comb	NDPF production core and grid services combined
4	ipmi	Local management network
5	interconnect	Interconnect network to hef-router
6	gridsrv	Service box network
7	vobox	Class-1 VObox network
8	nordic	Local management network
9	farmnet	Worker nodes
10	opninterconnect	Interconnect network to nikopn
11	(rofcluster)	Reserved
12	deelinterconnect	Interconnect network to deel
13	opnuplink	LHCOPN up link to SARA
14	opnstorage	Storage servers

Network Namanegent System

A dedicated system is used to control the routers and the management switch. It has three ethe interfaces: eth0 connects it to the Nikhef guestnet (as salado.nikhef.nl) and should always be reachable, even if the deel and nikopn routers themselves are messed up. It's second interface (eth1) is connected to deel as a tagged interconnect, and links it to the public-sec network (as schoffel.nikhef.nl) as well as the ipmi network (as salado.ipmi.nikhef.nl, i.e., 172.20.1.255). The third interface actually connects the management blades of deel and nikopn, and can be used to control sw-mngt-01 (the 10/100 switch in c14). It has the address 192.168.254.4/24, where on that network deel is 192.168.254.1, nikopn is 192.168.254.2, and sw-mngt-01 is 192.168.254.254. Logging from this box is sent to boes.nikhef.nl, whose IP address is statically configured in /etc/hosts. Note that boes MUST be on a directly connected network to remain secure. It also has the MAC address of boes hardwires in /etc/ethers.

A copy of the cricket installation, configuration and data as of Oct 24, 2008, is available at (hefnet):/global/ices/grid/nikhef/network.

Deel

Module 3 (rx-bi-10g-4-port)

**Module 3 (rx-bi-10g-4-port)**
Port	VLANs	Cable	Destination	Comments
1
2
3	11	K80501617	nikopn
4

Module 6 (rx-bi-1g-24-port-copper)

**Module 6 (rx-bi-1g-24-port-copper)**
Port	VLANs	Cable	Destination	Comments
1	5	HEF21/2-19	hef-router	trunk 6/2
2	5	Cross 51	hef-router	trunk 6/1
3	T3,4	26	c14: sw-public-sec-01	trunk 6/4
4	T3,4	27	c14: sw-public-sec-01	trunk 6/3
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

Module 7 (rx-bi-1g-24-port-fiber)

**Module 7 (rx-bi-1g-24-port-fiber)**
Port	VLANs	Cable	Destination	Comments
1
2
3	9	NIK1354	c26:sw-luilak2-01
4	9	NIK1319	c27:sw-luilak2-02
5	9	NIK1246	c23:sw-luilak1-01
6	9	NIK1247	c23:sw-luilak1-02
7	3	080402/009/010	c18:sw-public-comb
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23				1350nm
24				1350nm

Module 10 (rx-bi-1g-24-port-copper)

**Module 10 (rx-bi-1g-24-port-copper)**
Port	VLANs	Cable	Destination	Comments
1	T3,4	1	c14:sw-public-grid-01	trunk 10/2
2	T3,4	2	c14:sw-public-grid-01	trunk 10/1
3	6	#200	c02:hek
4	6	#202	c02:gierput
5	6	#203	c02:kaasvat
6	6	HA-6	c23:keerder
7	8	HA-1	c23:ullr
8	2	HA-4	c23:bleek
9	3	NIK1440	c16:bedstee
10	9	F1	c21:sw-bulldozer-01
11	9	F2	c22:sw-bulldozer-02
12	4	F0	c22:terp (DRCS)
13	3	F3	c22:dorsvlegel
14	3	F4	c22:tbn15
15
16
17
18
19
20
21
22
23
24

Module 13 (rx-bi-1g-24-port-copper)

**Module 13 (rx-bi-1g-24-port-copper)**
Port	VLANs	Cable	Destination	Comments
1
2
3	T3,4	NDPF0814-2	c14:netmanager
4	4	14	c14:sw-mngt-01
5	6	#201	c02:beerput
6	6	0729-09	c17:kuiken
7	8	0729-10	c18:kvasir
8	9	valentine-5	c07:sw-valentine-01
9	9	valentine-7	c06:sw-valentine-02
10	9	valentine-8	c04:sw-valentine-03
11	6	valentine-6	c05:rijf
12	6	generic-08	c26:gareel
13	2	generic-07	c26:span
14	8	7 (seven)	c15:melktank
15	3	43(dupl)	c16:bedstee alternate
16	2	(unknown)	c1:speeltuin hall/BI15k
17	2	48	kudde
18	2	46	toom
19	8	NIK1212	virtualschoollab
20	4	(blue)	mngt-ext-nikopn
21	8	[43]	arrone
22	8	[44]	aulnes
23	7	NIK1208	kot
24

Module 16 (rx-bi-1g-48-port-copper)

Beware: editing this module may cause the line card to end up in an infinite reboot cycle. Apparently either the hardware is faulty or firmware 2.4.0eT155 (Ironware 2.4.0eT157) in the line card has a firmware bug)

**Module 16 (rx-bi-1g-48-port-copper)**
Port	VLANs	Cable	Destination	Comments
1		#4	H140 patchpanels	temporarily re-assigned
2	2	48	c18:kudde
3	2	46	c18:toom
4	8	NIK1212	c18:virtualschoollab
5
6	4	(blue)	c14:nikopn mngt vlan extension
7	3	HA-0	c23:hilde
8	3	HA-3	c23:kaf
9	3	HA-5	c23:kribbe
10	3	HA-7	c23:boszwijn
11	3	HA-8	c23:schuur
12	3	HA-9	c23:hoeve
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31	3	[42]	c15:hooiberg	trunk 16/32
32	3	[40]	c15:hooiberg	trunk 16/31
33	8	[43]	c15:arrone
34	8	[44]	c15:aulnes
35	3	[41]	c15:erf
36	7	NIK1208	c18:kot
37
38
39
40
41
42
43
44
45
46
47	3
48	3	#4	H1.169 (H.157)

NikOPN

Module 1 (rx-bi-10g-4-port)

**Module 1 (rx-bi-10g-4-port)**
Port	VLANs	Cable	Destination	Comments
1	13	NIK2109	SARA via H140
2	12	K80501617	c14:deel
3
4

Module 2 (rx-bi-1g-48-port-copper)

**Module 2 (rx-bi-1g-48-port-copper)**
Port	VLANs	Cable	Destination	Comments
1	14	6 ("six")	c15:hooiwagen
2
3
4
5
6
7	14		c28:hooi-ei-01
8	14		c28:hooikoorts
9	14		c28:hooi-ei-03
10	14		c28:hooi-ei-06
11	14		c28:hooi-ei-04
12	14		c28:hooi-ei-01
13	14		c28:hooi-ei-03
14	14	[45]	c16:hooizolder
15	14
16	14	garitxako	c16:garitxako
17	14	0729-08	c18:hooivork
18	14	NIK1442	c16:hooibroei
19	14	10 ("ten")	c15:hooikuil
20	14	HA-2	c23:hooibaal	hosting tbn18
21	14	NIK1209	c18:hooikist
22	14	NIK1210	c18:hooischelf
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

Module 7 (rx-bi-10g-4-port)

**Module 7 (rx-bi-10g-4-port)**
Port	VLANs	Cable	Destination	Comments
1	14	17040	c28:opnstorage-sw-easteregg-01	(check cable no!)
2
3
4

sw-public-grid-01

**Public Grid (sw-public-grid-01, cab 14)**
Port	VLANs	Cable	Destination	Comments
1	3	generic-01	c27:dissel
2	3	generic-02	c27:bats
3	3	generic-03	c27:mesthoop
4	3	generic-04	c27:silo
5	3	generic-05	c27:moestuin
6	3	generic-10	c26:appelvanger
7	3	1 (c15)	c15:trog
8	3	2 (c15)	c15:stal
9	3	3 (c15)	c15:tbn20
10	3	4 (c15)	c15:boswachter
11	3	5 (c15)	c15:bosheks
12	3	8 (c15)	c15:dorsvloer
13	3	9 (c15)	c15:hooimijt
14
15
16
17
18
19
20
21
22
23	T3,4	1 (c14)	c14:deel	trunk 24
24	T3,4	2 (c14)	c14:deel	trunk 23

sw-public-sec-01

**Public Sec (sw-public-sec-01, cab 14)**
Port	VLANs	Cable	Destination	Comments
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23	T3,4	26 (c14)	c14:deel	trunk 24
24	T3,4	27 (c14)	c14:deel	trunk 23

sw-mngt-01

**Net and IPMI Management switch (sw-mngt-01, cab 14)**
Port	VLANs	Cable	Destination	Comments
1	1	0814-3	c14:salado
2	1	black	c14:deel-man
3
4
5	4	47	c18:toom-ipmi
6	4	49	c18:kudde-ipmi
7	4	red "crossed"	c28:ipmi-switch
8	4	valentine-10	c6:linksys
9	4	101-boven	c21:ipmi
10	4	102-boven	c20:ipmi
11	4	103-boven	c22:ipmi
12	4	104-boven	c23:ipmi
13	1	20	c14:nikopn-man
14	1	?	c14:equinoxELS TS
15
16
17	4	NIK1211	c18:drcs-ruif
18
19
20
21
22
23
24
25	4	??	c14:deel
26

@@ Line 451: / Line 451: @@
 | 14 || 14 || [45] || c16:hooizolder
 |- style="background:yellow"
-| 15 || 14 || NIK1441 ||
+| 15 || 14 || ||
 |- style="background:yellow"
 | 16 || 14 || garitxako || c16:garitxako

Difference between revisions of "NetworkDeelConnections"