dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity
Files
d36e0d5a0a23ea3c2b58f9db5c54b7519154348b
configpolicy/group_vars/dch-gw/dch-network.yml
Dustin C. Hatch 76b7db421c dch-network: Forward syncthing port to file0 
*file0.pyrocufflink.blue* hosts syncthing. Forwarding the transport is
not strictly required, as syncthing can use relays to encapsulate
traffic in HTTPS, but allowing direct access improves performance.
2018-08-12 15:22:30 -05:00

128 lines
2.2 KiB
YAML
Raw Blame History

dch_networks:
jazz:
description: Legacy network
vlan_id: 1
ipv4_address: 172.31.0.0/27
router_iface: vlan1
dns_search:
- pyrocufflink.jazz
dns_servers:
- fd99:8dc7:6528::10:1
dns_servers_v4:
- 172.30.0.4
sla_id: 1
ntp_servers:
- tyrande.pyrocufflink.jazz
mgmt:
description: Management network
vlan_id: 10
router_iface: vlan10
ipv4_address: 172.30.0.240/28
ntp_servers:
- dc0.pyrocufflink.blue
blue:
description: pyrocufflink.blue AD domain members only
vlan_id: 30
ipv4_address: 172.30.0.0/26
ipv6_address: fd99:8cd7:6528:fe1e::/64
router_iface: vlan30
dns_search:
- pyrocufflink.blue
dns_servers:
- fd99:8cd7:6528:fe1e::4:1
dns_servers_v4:
- 172.30.0.4
sla_id: 30
ntp_servers:
- dc0.pyrocufflink.blue
red:
description: Non-domain member machines
vlan_id: 101
ipv4_address: 172.31.1.0/24
router_iface: vlan101
dns_servers_v4:
- 172.30.0.4
sla_id: 101
ntp_servers:
- dc0.pyrocufflink.blue
guest:
description: Guest Wi-Fi
vlan_id: 100
ipv4_address: 172.24.100.0/24
router_iface: vlan100
dmz:
description: DMZ
vlan_id: 254
router_iface: vlan254
firemon_networks:
- 192.168.0.0/16
- 172.28.33.0/24
nat_port_forwards:
- protocol: tcp
port: http
destination: 172.30.0.6
- protocol: tcp
port: https
destination: 172.30.0.6
- protocol: tcp
port: ssh
destination: 172.30.0.5
- protocol: tcp
port: rsync
destination: 172.31.0.5
- protocol: udp
port: 16881-16999
destination: 172.31.0.5
- protocol: tcp
port: 22000
destination: 172.30.0.5
allow_incoming:
- protocol: udp
port: domain
- protocol: tcp
port: domain
- protocol: udp
port: bootps
- protocol: tcp
port: ssh
- protocol: tcp
port: 9876
- protocol: tcp
port: 10050
allow_outgoing:
- protocol: udp
port: ntp
- protocol: udp
port: dhcpv6-server
- protocol: udp
port: bootps
- protocol: udp
port: bootpc
- protocol: tcp
port: https
- protocol: tcp
port: http
- protocol: udp
port: domain
- protocol: tcp
port: domain
- protocol: udp
port: ntp
- protocol: tcp
port: 10051
trace_dropped: true
Reference in New Issue View Git Blame Copy Permalink