Update documentation with correct VLAN IPs
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Hardware Inventory: - Unraid server: 192.168.10.20 - Unraid AdGuard (macvlan): 192.168.10.10 - Router: 192.168.10.1 - CSS326 switch: 192.168.10.9 - ZX switch: 192.168.10.7 - cAP XL: 192.168.10.6 Critical Services: - Updated DNS section with correct container IPs - Added failover details and Web UI URLs - Updated routing to reflect VLAN structure - Updated DHCP pools for all VLANs Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Kaloyan Danchev
@@ -1,6 +1,6 @@
|
||||
# Critical Services
|
||||
|
||||
**Last Updated:** 2026-01-25
|
||||
**Last Updated:** 2026-01-31
|
||||
|
||||
Services that must remain operational for network functionality and security.
|
||||
|
||||
@@ -21,21 +21,23 @@ Services that must remain operational for network functionality and security.
|
||||
|
||||
| Instance | Host | IP | Role |
|
||||
|----------|------|-----|------|
|
||||
| Primary | HAP1 | 172.17.0.5 | Main DNS, DoH/DoT/DoQ |
|
||||
| Secondary | XTRM-U | 192.168.31.4 | Failover DNS |
|
||||
| Primary | HAP1 (container) | 172.17.0.2 | Main DNS |
|
||||
| Secondary | XTRM-U (macvlan) | 192.168.10.10 | Failover DNS |
|
||||
|
||||
**Endpoints:**
|
||||
- DoH: `https://dns.xtrm-lab.org/dns-query`
|
||||
- DoT: `tls://dns.xtrm-lab.org:853`
|
||||
- DoQ: `quic://dns.xtrm-lab.org:8853`
|
||||
**Failover:** Automatic via Netwatch (ping + DNS resolution checks)
|
||||
|
||||
**Config Sync:** adguardhome-sync (every 30 min)
|
||||
**Config Sync:** adguardhome-sync (every 30 min, Unraid → MikroTik)
|
||||
|
||||
**Upstream:** Quad9 DoH (`https://dns10.quad9.net/dns-query`)
|
||||
**Upstream:** Quad9 DoH (`https://dns.quad9.net/dns-query`)
|
||||
|
||||
**Web UI:**
|
||||
- Primary: http://192.168.10.1:3000
|
||||
- Secondary: http://192.168.10.10:3000
|
||||
- Credentials: jazzymc / 7RqWElENNbZnPW
|
||||
|
||||
**Recovery:**
|
||||
1. If primary fails → clients use secondary (192.168.31.4)
|
||||
2. Restart container on HAP1: `/container/start adguardhome`
|
||||
1. If primary fails → automatic failover to secondary (192.168.10.10)
|
||||
2. Manual restart: `/container start [find name~"adguard"]`
|
||||
|
||||
---
|
||||
|
||||
@@ -44,25 +46,28 @@ Services that must remain operational for network functionality and security.
|
||||
| Function | Details |
|
||||
|----------|---------|
|
||||
| WAN | 62.73.120.142 via Vivacom fiber |
|
||||
| LAN | 192.168.31.0/24 |
|
||||
| NAT | Port forwarding to XTRM-U |
|
||||
| VLANs | 10 (Mgmt), 20 (Trusted), 25 (Kids), 30 (IoT), 40 (CatchAll) |
|
||||
| NAT | Port forwarding to XTRM-U (192.168.10.20) |
|
||||
| Firewall | RouterOS firewall rules |
|
||||
|
||||
**Recovery:**
|
||||
1. Physical access to HAP1
|
||||
2. Reset: hold reset button 5s
|
||||
3. Reconfigure via WinBox or SSH
|
||||
3. Reconfigure via WinBox or SSH (port 2222)
|
||||
|
||||
---
|
||||
|
||||
### DHCP (HAP1)
|
||||
|
||||
| Pool | Range |
|
||||
|------|-------|
|
||||
| Dynamic | 192.168.31.100-200 |
|
||||
| Lease Time | 24 hours |
|
||||
| VLAN | Pool | Range |
|
||||
|------|------|-------|
|
||||
| 10 (Mgmt) | pool-vlan10 | 192.168.10.100-200 |
|
||||
| 20 (Trusted) | pool-vlan20 | 192.168.20.100-200 |
|
||||
| 25 (Kids) | pool-vlan25 | 192.168.25.100-200 |
|
||||
| 30 (IoT) | pool-vlan30 | 192.168.30.100-200 |
|
||||
| 40 (CatchAll) | dhcp | 192.168.1.10-254 |
|
||||
|
||||
**Static Leases:** Managed in RouterOS DHCP server
|
||||
**Lease Time:** 30 minutes
|
||||
|
||||
---
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Hardware Inventory
|
||||
|
||||
**Last Updated:** 2026-01-27
|
||||
**Last Updated:** 2026-01-31
|
||||
|
||||
---
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
|----------|-------|
|
||||
| **Role** | Router, WiFi Controller, DNS |
|
||||
| **Location** | 19" Rack U3 (on shelf) |
|
||||
| **IP** | 192.168.31.1 |
|
||||
| **IP** | 192.168.10.1 |
|
||||
| **MAC** | 78:9A:18:2C:A5:48 |
|
||||
| **OS** | RouterOS 7.20.6 |
|
||||
| **Serial** | - |
|
||||
@@ -36,12 +36,12 @@
|
||||
|----------|-------|
|
||||
| **Role** | Distribution Switch |
|
||||
| **Location** | 19" Rack U1 |
|
||||
| **IP** | 192.168.31.9 |
|
||||
| **IP** | 192.168.10.9 |
|
||||
| **MAC** | F4:1E:57:C9:BD:09 |
|
||||
| **OS** | SwOS 2.16 |
|
||||
| **Serial** | - |
|
||||
| **Docs** | https://help.mikrotik.com/docs/spaces/UM/pages/17498168/CSS326-24G-2S+RM |
|
||||
| **Web UI** | http://192.168.31.9 |
|
||||
| **Web UI** | http://192.168.10.9 |
|
||||
|
||||
**Ports:** 24x 1G RJ45, 2x 10G SFP+
|
||||
- SFP1: 10G DAC to ZX1
|
||||
@@ -55,7 +55,7 @@
|
||||
|----------|-------|
|
||||
| **Role** | Core Switch (2.5GbE) |
|
||||
| **Location** | 10" Rack U7 (on shelf) |
|
||||
| **IP** | 192.168.31.7 |
|
||||
| **IP** | 192.168.10.7 |
|
||||
| **MAC** | 1C:2A:A3:1E:78:67 |
|
||||
| **Serial** | - |
|
||||
|
||||
@@ -75,7 +75,7 @@
|
||||
|----------|-------|
|
||||
| **Role** | Wireless Access Point |
|
||||
| **Location** | Corridor (ceiling) |
|
||||
| **IP** | 192.168.31.6 |
|
||||
| **IP** | 192.168.10.6 |
|
||||
| **MAC** | 18:FD:74:54:3D:BC |
|
||||
| **OS** | RouterOS 7.x |
|
||||
| **Serial** | HCT085KBH8B |
|
||||
@@ -103,7 +103,7 @@
|
||||
|----------|-------|
|
||||
| **Role** | Production Server |
|
||||
| **Location** | 10" Rack U1-U4 |
|
||||
| **IP** | 192.168.31.2 |
|
||||
| **IP** | 192.168.10.20 |
|
||||
| **OS** | Unraid 6.x |
|
||||
|
||||
**Network:**
|
||||
@@ -122,8 +122,7 @@
|
||||
**Virtual IPs:**
|
||||
| IP | Purpose |
|
||||
|----|---------|
|
||||
| 192.168.31.4 | AdGuard Home (macvlan) |
|
||||
| 192.168.31.15 | (reserved) |
|
||||
| 192.168.10.10 | AdGuard Home (macvlan) - DNS Failover |
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user