LAB Linux in heterogeneous networks: Difference between revisions
(→IPv6) |
|||
| Zeile 133: | Zeile 133: | ||
=Der SSSD Domain Beitritt= | =Der SSSD Domain Beitritt= | ||
*[[LAB Linux in heterogenen Debian SSSD Domain Beitritt]] | *[[LAB Linux in heterogenen Debian SSSD Domain Beitritt]] | ||
| + | *https://schroeffu.ch/2019/09/linux-active-directory-ldap-ssh-login-mit-sssd-und-realmd/ | ||
| + | |||
=Openvpn mit Anbindung an ADS über LDAP= | =Openvpn mit Anbindung an ADS über LDAP= | ||
*[[LAB Linux in heterogenen Netzen OPENVPN mit LDAP User-Authentication]] | *[[LAB Linux in heterogenen Netzen OPENVPN mit LDAP User-Authentication]] | ||
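Review bot: the line added under "Der SSSD Domain Beitritt" is a bare external URL with no link text, so the list entry does not say what the reference covers, unlike the internal [[...]] link above it. Give it a label using the wiki's external-link form ([URL link text]). The second added line is empty and only inserts whitespace before the next heading; drop it unless the spacing is intended.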
Revision as of 9 October 2024, 19:13
Physical network diagram
| Port | VLAN | Network |
|---|---|---|
| Ethernet1/1 | Trunk | To the firewall |
| Ethernet1/2 | 22 | SERVER |
| Ethernet1/3 | 21 | CLIENTS |
| Ethernet1/4 | 22 | SERVER |
| Ethernet1/5 | 22 | SERVER |
| Ethernet1/6 | 21 | CLIENTS |
| Ethernet1/7 | 22 | SERVER |
Logical network diagram
Lab setup
- A Debian machine serves as our firewall
- A Cisco Layer 2 switch is connected to it.
- Three VLANs go to it: 1, 21, 22
- VLAN 1 = MGMT
- VLAN 21 = CLIENTS
- VLAN 22 = SERVER
- In addition, the WAN and DMZ interfaces are attached to the firewall
Network allocation
IPv4
- gateway 172.30.34.254
- nameserver 172.30.34.254
- search labXX.linuggs.de
| Participant | Lab | Network | Public address | MGMT | CLIENTS | SERVER | DMZ |
|---|---|---|---|---|---|---|---|
| TN01 | lab00 | 172.26.0.0/22 | 172.30.34.1 | 172.26.0.0/24 | 172.26.1.0/24 | 172.26.2.0/24 | 172.26.3.0/24 |
| TN02 | lab04 | 172.26.4.0/22 | 172.30.34.2 | 172.26.4.0/24 | 172.26.5.0/24 | 172.26.6.0/24 | 172.26.7.0/24 |
| TN03 | lab08 | 172.26.8.0/22 | 172.30.34.3 | 172.26.8.0/24 | 172.26.9.0/24 | 172.26.10.0/24 | 172.26.11.0/24 |
| TN04 | lab0c | 172.26.12.0/22 | 172.30.34.4 | 172.26.12.0/24 | 172.26.13.0/24 | 172.26.14.0/24 | 172.26.15.0/24 |
| TN05 | lab10 | 172.26.16.0/22 | 172.30.34.5 | 172.26.16.0/24 | 172.26.17.0/24 | 172.26.18.0/24 | 172.26.19.0/24 |
| TN06 | lab14 | 172.26.20.0/22 | 172.30.34.6 | 172.26.20.0/24 | 172.26.21.0/24 | 172.26.22.0/24 | 172.26.23.0/24 |
| TN07 | lab18 | 172.26.24.0/22 | 172.30.34.7 | 172.26.24.0/24 | 172.26.25.0/24 | 172.26.26.0/24 | 172.26.27.0/24 |
| TN08 | lab1c | 172.26.28.0/22 | 172.30.34.8 | 172.26.28.0/24 | 172.26.29.0/24 | 172.26.30.0/24 | 172.26.31.0/24 |
| TN09 | lab20 | 172.26.32.0/22 | 172.30.34.9 | 172.26.32.0/24 | 172.26.33.0/24 | 172.26.34.0/24 | 172.26.35.0/24 |
| TN10 | lab24 | 172.26.36.0/22 | 172.30.34.10 | 172.26.36.0/24 | 172.26.37.0/24 | 172.26.38.0/24 | 172.26.39.0/24 |
| TN11 | lab28 | 172.26.40.0/22 | 172.30.34.11 | 172.26.40.0/24 | 172.26.41.0/24 | 172.26.42.0/24 | 172.26.43.0/24 |
| TN12 | lab2c | 172.26.44.0/22 | 172.30.34.12 | 172.26.44.0/24 | 172.26.45.0/24 | 172.26.46.0/24 | 172.26.47.0/24 |
| TN13 | lab30 | 172.26.48.0/22 | 172.30.34.13 | 172.26.48.0/24 | 172.26.49.0/24 | 172.26.50.0/24 | 172.26.51.0/24 |
| TN14 | lab34 | 172.26.52.0/22 | 172.30.34.14 | 172.26.52.0/24 | 172.26.53.0/24 | 172.26.54.0/24 | 172.26.55.0/24 |
IPv6
- gateway 2a02:24d8:71:3000::1
- nameserver 2a02:24d8:71:3000::1
- search labXX.linuggs.de
| Participant | Lab | Network | Public address | MGMT | CLIENTS | SERVER | DMZ |
|---|---|---|---|---|---|---|---|
| TN01 | lab00 | 2a02:24d8:71:3000::/62 | 2a02:24d8:71:3040::3000 | 2a02:24d8:71:3000::/64 | 2a02:24d8:71:3001::/64 | 2a02:24d8:71:3002::/64 | 2a02:24d8:71:3003::/64 |
| TN02 | lab04 | 2a02:24d8:71:3004::/62 | 2a02:24d8:71:3040::3004 | 2a02:24d8:71:3004::/64 | 2a02:24d8:71:3005::/64 | 2a02:24d8:71:3006::/64 | 2a02:24d8:71:3007::/64 |
| TN03 | lab08 | 2a02:24d8:71:3008::/62 | 2a02:24d8:71:3040::3008 | 2a02:24d8:71:3008::/64 | 2a02:24d8:71:3009::/64 | 2a02:24d8:71:300a::/64 | 2a02:24d8:71:300b::/64 |
| TN04 | lab0c | 2a02:24d8:71:300c::/62 | 2a02:24d8:71:3040::300c | 2a02:24d8:71:300c::/64 | 2a02:24d8:71:300d::/64 | 2a02:24d8:71:300e::/64 | 2a02:24d8:71:300f::/64 |
| TN05 | lab10 | 2a02:24d8:71:3010::/62 | 2a02:24d8:71:3040::3010 | 2a02:24d8:71:3010::/64 | 2a02:24d8:71:3011::/64 | 2a02:24d8:71:3012::/64 | 2a02:24d8:71:3013::/64 |
| TN06 | lab14 | 2a02:24d8:71:3014::/62 | 2a02:24d8:71:3040::3014 | 2a02:24d8:71:3014::/64 | 2a02:24d8:71:3015::/64 | 2a02:24d8:71:3016::/64 | 2a02:24d8:71:3017::/64 |
| TN07 | lab18 | 2a02:24d8:71:3018::/62 | 2a02:24d8:71:3040::3018 | 2a02:24d8:71:3018::/64 | 2a02:24d8:71:3019::/64 | 2a02:24d8:71:301a::/64 | 2a02:24d8:71:301b::/64 |
| TN08 | lab1c | 2a02:24d8:71:301c::/62 | 2a02:24d8:71:3040::301c | 2a02:24d8:71:301c::/64 | 2a02:24d8:71:301d::/64 | 2a02:24d8:71:301e::/64 | 2a02:24d8:71:301f::/64 |
| TN09 | lab20 | 2a02:24d8:71:3020::/62 | 2a02:24d8:71:3040::3020 | 2a02:24d8:71:3020::/64 | 2a02:24d8:71:3021::/64 | 2a02:24d8:71:3022::/64 | 2a02:24d8:71:3023::/64 |
| TN10 | lab24 | 2a02:24d8:71:3024::/62 | 2a02:24d8:71:3040::3024 | 2a02:24d8:71:3024::/64 | 2a02:24d8:71:3025::/64 | 2a02:24d8:71:3026::/64 | 2a02:24d8:71:3027::/64 |
| TN11 | lab28 | 2a02:24d8:71:3028::/62 | 2a02:24d8:71:3040::3028 | 2a02:24d8:71:3028::/64 | 2a02:24d8:71:3029::/64 | 2a02:24d8:71:302a::/64 | 2a02:24d8:71:302b::/64 |
| TN12 | lab2c | 2a02:24d8:71:302c::/62 | 2a02:24d8:71:3040::302c | 2a02:24d8:71:302c::/64 | 2a02:24d8:71:302d::/64 | 2a02:24d8:71:302e::/64 | 2a02:24d8:71:302f::/64 |
| TN13 | lab30 | 2a02:24d8:71:3030::/62 | 2a02:24d8:71:3040::3030 | 2a02:24d8:71:3030::/64 | 2a02:24d8:71:3031::/64 | 2a02:24d8:71:3032::/64 | 2a02:24d8:71:3033::/64 |
| TN14 | lab34 | 2a02:24d8:71:3034::/62 | 2a02:24d8:71:3040::3034 | 2a02:24d8:71:3034::/64 | 2a02:24d8:71:3035::/64 | 2a02:24d8:71:3036::/64 | 2a02:24d8:71:3037::/64 |
The firewall
The Cisco switch
The domain controller
The Linux ADS client
Current status
Physical network diagram
Logical network diagram
The web server
Current status
Physical network diagram
Logical network diagram
The mail server
The file server
The SSSD domain join
- LAB Linux in heterogenen Debian SSSD Domain Beitritt
- https://schroeffu.ch/2019/09/linux-active-directory-ldap-ssh-login-mit-sssd-und-realmd/





