Details added
This commit is contained in:
parent
ffcfb09ddd
commit
8ec3eaf57f
|
|
@ -561,19 +561,30 @@ Info | {{ block.super }}
|
|||
</div>
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h4 class="panel-title">Wired Network</h4>
|
||||
<h4 class="panel-title">Internet Connection and Uplink</h4>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<p>
|
||||
BornHack will have a wired and a wireless network. The wired
|
||||
network will run with public internet addresses (v4 and v6)
|
||||
BornHack will have a 1Gbit fiber uplink to the outside
|
||||
world generously sponsored by BornFiber. We have plenty
|
||||
of IP space to go around, courtesy of RIPE NCC temporary assignment.
|
||||
</p>
|
||||
</div>
|
||||
</div> <div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h4 class="panel-title">Networks: Wired and Wireless</h4>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<p>
|
||||
BornHack will have both wired and wireless networks. The default
|
||||
networks will run with public internet addresses (v4 and v6)
|
||||
so you must protect yourself with a firewall at all times.
|
||||
</p>
|
||||
<p>
|
||||
The wired network will be split in two parts where one uses
|
||||
static, manually configured IP addresses, and the other uses
|
||||
dynamic (DHCP) allocation. If you want to set up servers with
|
||||
static IP's you should use the static network. You can also use
|
||||
The wired network will provide DHCP but also allow manually
|
||||
configured IP addresses, using peg DHCP according to Management
|
||||
of IP numbers by peg-dhcp RFC 2322. If you want to set up servers
|
||||
we recommend to do so with static IP's. You can also use
|
||||
static configuration on clients to avoid attacks involving
|
||||
rogue DHCP servers and similar.
|
||||
</p>
|
||||
|
|
@ -585,24 +596,19 @@ Info | {{ block.super }}
|
|||
</div>
|
||||
<div class="panel-body">
|
||||
<p>
|
||||
There will be two wireless networks, one with public
|
||||
addresses like the wired, and one which is behind NAT for
|
||||
ipv4 and a stateful firewall for ipv6. The security on the
|
||||
wireless network will be EAP-TLS where any credentials
|
||||
can be used. There is no user management, we just use
|
||||
EAP-TLS to get the encryption it provides.
|
||||
There will be multiple wireless networks, using standard
|
||||
IEE 802.11 5GHz and 2.4GHz.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h4 class="panel-title">Bandwidth and Uplink</h4>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<p>
|
||||
BornHack will have a 1 gigabit fibre uplink to the outside
|
||||
world generously sponsored by BornFiber. We will have plenty
|
||||
of IP space to go around, courtesy of RIPE.
|
||||
We will also provide a wireless network which is put behind NAT,
|
||||
which is similar to usual guest networks. NOTE: NAT IS NOT SECURITY,
|
||||
use caution always - turn the firewall on.
|
||||
</p>
|
||||
</p>
|
||||
One SSID will also be configure to use WPA Enterprise with 802.1x
|
||||
aka EAP-TLS - where any credentials
|
||||
can be used. There is no user management, we just use
|
||||
EAP-TLS to get the encryption it provides for individual users.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue