Linux and Unix Users Group at Virginia Tech Wiki

Changes

Infrastructure:Network Architecture

706 bytes removed, 19:37, 27 January 2019
no edit summary
This is == General Information ===== IPv4 ===Most Internet-connected computers communicate using Internet Protocol version 4, usually abbreviated IPv4. IPv4 assigns an address to each computer. These addresses are 32 bits long, and can be written as a period-separated list of four numbers from zero to 255. One example would be 192.168.1.1, an attempt address commonly given to document VTLUUG's overly complex home networking setupequipment. Apologies The 32-bit address space of IPv4 allows for about four billion addresses. Given that there are over six billion people on the disorganizationplanet, this is mainly just a it's clear that these addresses will eventually run out. It turns out that due to the way to get everything these addresses are allocated in one placeblocks, we actually already have run out. --[[User:Mjh|Mjh]] ([[User talk:Mjh|talk]]) 21:43, 28 December 2014 (EST)
=== Limitations IPv6 ===We have a single 100 Mbps CNS portEnter IP version 6, which comes with the following limitations:* Only one MAC or IPv6. IPv6 uses 128 bits for each address may appear on , but is not yet very widely used. Virginia Tech, being the port at a time (port security)* There cutting edge institution it is no prefix delegation for , already supports IPv6campus-wide. While this does not directly affect your computing experience, so each address must connecting your computer to a native IPv6 networks has a few implications you should be individually requested via NDPaware of.
This means we must:* Use ARP proxying or 1-to-1 NAT for IPv4* Use an NDP proxy for IPv6=== Stateless Autoconfiguration and Privacy Extensions ===
=== Current setup ===Hardware:* "luugtemp" In IPv4, a computer would need to be told its address either manually or "temp88191": by using a Poweredge 2x50 with 2 NICs configured as network service called DHCP. In DHCP, the computer asks a server to assign it an Ubuntu router* 8-port Gigabit unmanaged switch* 48-port 100 Mbps managed switch (attached to sunway)IP address that is not in use by anyone else.
Port security evasion:* A bash script named In IPv6, the address space is so large that a mechanism called "Natstateless autoconfiguration" which presumably does 1-to-1 NAT* NDP proxying via https://npd6can be used.githubIn stateless autoconfiguration, a computer asks a nearby router for the network prefix (the first few digits of the IP address that will be the same for all computers on the network), and then the computer fills in the rest of the bits by using the hardware address of the network adapter.io/npd6/** This is broken an misconfigured. It doesn't properly add routesmeans that by default, your IP address could be used to uniquely identify your computer anywhere on the Internet, threatening your privacy online.
IPs / networks:* temp88191 is 10.0.0.1/8 and 128.173.88.191. It provides DHCP on our internal interface* Sunway has static IPs setup (10.0.97.10 to 10.0.97.28)* Rackable servers: joey (10.0.4.10) and phantomphreak (10.0.4.11)* cyberdelia's IPv4 is luug0.ece.vt.edu** Port 9001 <-> 10.0.1.3 (cerealkiller)** Port 9030 <-> 10.0.1.3 (cerealkiller)* wood's IPv4 is luug1.ece.vt.edu* milton's IPv4 is luug2.ece.vt.edu== Current ==* luug3.ece.vt.edu is (in theory) used by westinghouse (sunway's head node)* acidburn's IPv4 is luug.ece.vt.edu* acidburn has iodine configured as a DNS tunnel (10.152.78.1/27)* Other tenants of our routerSee [[Infrastructure: mjh.ece.vt.edu and mirror.ece.vt.edu * 10.99.0.2/24 appears to be statically assigned to wood's guests.Network]]
Cyberdelia VMs - assigned 10.0.1.1/24 (not actually a separate subnet):* dhcp-host=52:54:00:14:df:c2,10.0.1.1 # "mail" (not yet configured)* dhcp-host=52:54:00:68:81:33,10.0.1.2 # crashoverride 2.0* dhcp-host=52:54:00:40:9a:55,10.0.1.3 # Cerealkiller 2.0  ==See Also = Desired Setup ===This is what I'm hoping to migrate us to:* OpenWrt ([https[Infrastructure://github.com/sbyx/odhcpd odhcpdNetwork#DNS|DNS]] has built-in NDP proxying)* An internal network smaller than a /8 (room for expansion)* IPsec (point-to-point and road warrior for users)* Each VM host has a bridged ethernet port with a global IPv4 address and performs NAT to its VMs. Additional IPv4s are assigned as VMs as needed (e.g. milton and acidburn probably need their own)* All internal IPv4 addresses are static leases assigned by temp88191 or set statically '''and documented somewhere'''; hypervisors do not have their own networks unnecessarily like wood currently does.* Each device has a global IPv6 address[[Deprecated Network]]
[[Category:Infrastructure]]
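
Review bot: The section headed "Stateless Autoconfiguration and Privacy Extensions" explains that the host part of an IPv6 address is filled in from the network adapter's hardware address and that this can uniquely identify the computer, but the visible text never says what privacy extensions are or how a reader turns them on. Either add that explanation after the sentence ending "threatening your privacy online", or drop "Privacy Extensions" from the heading. Separately, the revision is recorded with "no edit summary" even though it is 706 bytes smaller; a one-line summary saying why the page content changed, and that readers are now pointed at [[Infrastructure:Network]], would make the history easier to follow.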