1.4 KiB
1.4 KiB
| title | description | published | date | tags | editor | dateCreated |
|---|---|---|---|---|---|---|
| Network Topology | Netgrimoire network layout — VLANs, subnets, routing | true | 2026-04-12T00:00:00.000Z | keystone, network | markdown | 2026-04-12T00:00:00.000Z |
Network Topology
Subnets
| Subnet | Purpose |
|---|---|
| 192.168.3.0/24 | OPNsense / firewall management |
| 192.168.4.0/24 | ISPConfig / web hosting |
| 192.168.5.0/24 | Primary LAN — all Docker hosts |
| 192.168.8.0/24 | Pocket Grimoire (GL.iNet Beryl AX) |
| 192.168.32.0/24 | WireGuard VPN peers |
WireGuard Peers
| Peer | IP | Device |
|---|---|---|
| Obie | 192.168.32.2 | — |
| pncfishandmore | 192.168.32.3 | — |
| GLNet | 192.168.32.4 | GL.iNet router |
| PortaPotty | 192.168.32.5 | Pocket Grimoire laptop |
| GLNet | 192.168.32.6 | Second GL.iNet |
DNS
Internal DNS runs on Technitium at 192.168.5.7 (dns.netgrimoire.com), behind Authentik.
All *.netgrimoire.com and *.wasted-bandwidth.net internal hostnames resolve via Technitium. Public DNS managed via ISPConfig and domain registrars.
Docker Overlay Network
All Swarm services share the netgrimoire external overlay network (VIP mode). This is the only overlay network in use.
Name: netgrimoire
Driver: overlay
Mode: VIP (always — dnsrr is banned)
See Docker Swarm Template for attachment rules.