---
title: Network Topology
description: Netgrimoire network layout — VLANs, subnets, routing
published: true
date: 2026-04-12T00:00:00.000Z
tags: keystone, network
editor: markdown
dateCreated: 2026-04-12T00:00:00.000Z
---

# Network Topology

## Subnets

| Subnet | Purpose |
|--------|---------|
| 192.168.3.0/24 | OPNsense / firewall management |
| 192.168.4.0/24 | ISPConfig / web hosting |
| 192.168.5.0/24 | Primary LAN — all Docker hosts |
| 192.168.8.0/24 | Pocket Grimoire (GL.iNet Beryl AX) |
| 192.168.32.0/24 | WireGuard VPN peers |

## WireGuard Peers

| Peer | IP | Device |
|------|----|--------|
| Obie | 192.168.32.2 | — |
| pncfishandmore | 192.168.32.3 | — |
| GLNet | 192.168.32.4 | GL.iNet router |
| PortaPotty | 192.168.32.5 | Pocket Grimoire laptop |
| GLNet | 192.168.32.6 | Second GL.iNet |

## DNS

Internal DNS runs on Technitium at `192.168.5.7` (`dns.netgrimoire.com`), behind Authentik.

All `*.netgrimoire.com` and `*.wasted-bandwidth.net` internal hostnames resolve via Technitium. Public DNS is managed via ISPConfig and domain registrars.

## Docker Overlay Network

All Swarm services share the `netgrimoire` external overlay network (VIP mode). This is the only overlay network in use.

```
Name: netgrimoire
Driver: overlay
Mode: VIP (always — dnsrr is banned)
```

See [Docker Swarm Template](/Keystone-Grimoire/Docker/Swarm-Template) for attachment rules.
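
One way to audit running services against the overlay rule above, as an added example that is not part of the original page or of Netgrimoire's own tooling. It reads JSON shaped like `docker service inspect` output; the service names, network IDs and sample JSON are constructed, and the `audit` helper is hypothetical.

```python
import json

OVERLAY = "netgrimoire"               # overlay name from this page
OVERLAY_ID = "constructed-net-id-01"  # constructed; take the real ID from `docker network inspect`

# Constructed sample shaped like `docker service inspect web cache legacy`.
SAMPLE = json.dumps([
    {"Spec": {"Name": "web", "EndpointSpec": {"Mode": "vip"},
              "TaskTemplate": {"Networks": [{"Target": OVERLAY_ID}]}}},
    {"Spec": {"Name": "cache", "EndpointSpec": {"Mode": "dnsrr"},
              "TaskTemplate": {"Networks": [{"Target": OVERLAY_ID}]}}},
    {"Spec": {"Name": "legacy",
              "TaskTemplate": {"Networks": [{"Target": "constructed-other-net"}]}}},
])


def audit(inspect_json, net_name=OVERLAY, net_id=OVERLAY_ID):
    """Return {service: [violations]} for services that break the overlay rule."""
    allowed = {net_name, net_id}  # Target may hold the network name or its ID
    findings = {}
    for svc in json.loads(inspect_json):
        spec = svc.get("Spec") or {}
        name = spec.get("Name") or svc.get("ID", "<unknown>")
        problems = []
        # Swarm uses VIP when EndpointSpec.Mode is absent.
        mode = (spec.get("EndpointSpec") or {}).get("Mode", "vip")
        if mode != "vip":
            problems.append(f"endpoint mode {mode}, expected vip")
        nets = (spec.get("TaskTemplate") or {}).get("Networks") or []
        targets = {n.get("Target") for n in nets if n.get("Target")}
        if not targets & allowed:
            problems.append(f"not attached to {net_name}")
        # The page states netgrimoire is the only overlay network in use.
        for extra in sorted(targets - allowed):
            problems.append(f"unexpected network: {extra}")
        if problems:
            findings[name] = problems
    return findings


if __name__ == "__main__":
    for service, problems in audit(SAMPLE).items():
        for problem in problems:
            print(f"{service}: {problem}")
```
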