theta42/ip_schema
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update 'README.md'

Browse Source
This commit is contained in:
William Mantly 2020-07-31 22:44:31 +00:00
parent cbd1fc5751
commit 23c36eed5c
1 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
README.md
View File

@ -2,6 +2,8 @@
## Definitions ## Definitions
**todo**
VPN VPN
WireGuard WireGuard
routable routable
@ -26,7 +28,7 @@ This network rage will power the WireGuard network and does not need to routable
on site. on site.
The last octet will match the site id. For the moment, all sites will be in The last octet will match the site id. For the moment, all sites will be in
172.24.0.{site id} and the third octet reserved. `172.24.0.{site id}` and the third octet reserved.
## Global site network ## Global site network
@ -43,7 +45,7 @@ The last octet will match the site id. For the moment, all sites will be in
Site id has to match for local WireGuard node site id and the sites assigned Site id has to match for local WireGuard node site id and the sites assigned
site id. A lose Schema of this a site Schema should be created. At the moment, site id. A lose Schema of this a site Schema should be created. At the moment,
if and how 10.{site id}.0.0/16 is broken up is up to the local site admin. if and how `10.{site id}.0.0/16` is broken up is up to the local site admin.
## Private site network ## Private site network
@ -73,11 +75,32 @@ and
This network range(s) are for private LAN nodes and should NOT be routable via This network range(s) are for private LAN nodes and should NOT be routable via
the WireGuard VPN. The site admin is fully responsible for the management of the WireGuard VPN. The site admin is fully responsible for the management of
these networks. these networks. The rest of this document will assume you have a private site
network of `192.168.1.0/24`. Any time you see `192.168.1.0/24` swap it for your
chosen private site network.
# Site config # Site Configuration
# Usefull links ## WireGuard Node
The wireGaurd node needs to get a static IP and be accessible on both the VPN
global network and should be accessible on the site private network.
The IP of `10.{site id}.0.1` is reserved the WireGuard node.
If you want the global VPN network to be accessible from the site private
network, the container needs to be address able on the site private network as
well. The recommended IP is .10. for example, if your default gateway is
`192.168.1.1`, the WireGaurd node should be `192.168.1.10`, if the gateway is
`172.16.0.1`, the WireGuard node should be `172.16.0.10`.
## Default Gateway
A route entry for `10.0.0.0/8` - > `192.168.1.10` needs to be added if you wish
for the global VPN network to be accessible from the private site network.
# Useful links
https://en.wikipedia.org/wiki/Reserved_IP_addresses https://en.wikipedia.org/wiki/Reserved_IP_addresses