# IP Schema

## Definitions

VPN
WireGuard
routable
LAN
site
Site id

## WireGuard VPN network

CIDR Range	        172.24.0.0/13
Netmask	            255.248.0.0
Wildcard Bits	    0.7.255.255
First IP	        172.24.0.0
Last IP	            172.31.255.255
First IP (Decimal)	2887254016
Last IP (Decimal)	2887778303
Total Host	        524,288

This network rage will power the WireGuard network and does not need to routable
on site.

The last octet will match the site id. For the moment, all sites will be in
172.24.0.{site id} and the third octet reserved.

## Global site network

CIDR Range	        10.{site id}.0.0/16
Netmask	            255.255.0.0
Wildcard Bits	    0.0.255.255
First IP	        10.{site id}.0.0
Last IP	            10.{site id}.255.255
First IP (Decimal)	170524672
Last IP (Decimal)	170590207
Total Host	        65,536

Site id has to match for local WireGuard node site id and the sites assigned
site id. A lose Schema of this a site Schema should be created. At the moment,
if and how 10.{site id}.0.0/16 is broken up is up to the local site admin.

## Private site network


CIDR Range	        172.16.0.0/13
Netmask	            255.248.0.0
Wildcard Bits	    0.7.255.255
First IP	        172.16.0.0
Last IP	            172.23.255.255
First IP (Decimal)	2886729728
Last IP (Decimal)	2887254015
Total Host	        524,288

and

CIDR Range	        192.168.0.0/16
Netmask	            255.255.0.0
Wildcard Bits	    0.0.255.255
First IP	        192.168.0.0
First IP (Decimal)	3232235520
Last IP	            192.168.255.255
Last IP (Decimal)	3232301055
Total Host	        65,536

This network range(s) are for private LAN nodes and should NOT be routable via
the WireGuard VPN. The site admin is fully responsible for the management of
these networks.