You are here

Home » Forums » General discussion

Network Diagram

6 posts / 0 new
Log in or register to post comments
Last post
Tue, 02/20/2024 - 14:20
#1
TA1IN
Network Diagram
I'm trying to figure out the structure of AREDN. How is network segmentation structured? I'm trying to understand this because I want to be able to configure the security configurations as a community properly. Let's not publish our data in vain :) Is there such a detailed technical document?
Top
Tue, 02/20/2024 - 15:44
nc8q
nc8q's picture
security configurations as a community
I do not understand.
security is privacy...keeping others out (exclusive).
community is public...allowing others in (inclusive).
security != community.
?

73, Chuck

 
Top
Tue, 02/20/2024 - 16:16
TA1IN
I agree with what you said. I
I agree with what you said. I understand that. But we look at it differently.

But, for example, do you want other community members to see your home camera connected to the same network due to a vulnerability caused by the application? This is what I'm talking about. Otherwise, of course, we try to share everything here. chat, fileserver, webserver, sipserver etc.

I'm just trying to understand the structure. There was no need to be angry :)

73
 
Top
Tue, 02/20/2024 - 22:35
(Reply to #3)
nc8q
nc8q's picture
do you want other community members to see your home camera
No.
So, I do not put my home camera on the AREDN community network.
I would put my home camera on my home network.
I put my outside camera pointing at my solar panels on the AREDN community network.
Not angry.
73, Chuck

 
Top
Tue, 02/20/2024 - 16:27
kc8ufv
kc8ufv's picture
It's actually a pretty simple
It's actually a pretty simple structure. The mesh nodes interconnect on, from an IP perspective, a flat network, with each node having a 10.x.x.x/8 address. The LAN side of the node provides either routable 10.x.x.x addresses (variable mask based on the number of allowed hosts - "X hosts direct") or will have NON-routable addresses in NAT mode, where it will work more like your home router. The optional 3rd side of the node is the WAN side, which is there to allow local devices access to the internet, and/or for tunnel connections between nodes. The WAN side can be shared with the mesh, but such use is often discouraged, and disabled by default, as a traffic control mechanism.
Top
Tue, 02/20/2024 - 16:30
(Reply to #5)
TA1IN
Thanks very much for the
Thanks very much for the technical information,73.
 
Top

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer