# VLAN catalogue for the infrastructure.
#
# Every entry under `vlans` exposes four attributes:
#   id          - IEEE 802.1Q VLAN ID configured on the network equipment
#   name        - short label
#   effectiveId - number used to compute IPv4/IPv6 prefixes; equal to `id`
#                 unless the VLAN ID does not follow the mathematical scheme
#                 (ADMIN is VLAN 90 but its prefixes are computed as if it
#                 were VLAN 100)
#   description - free-text purpose of the VLAN
#
# VLAN ID 1 (INET) is the untagged ISP uplink. It is listed for
# documentation only and is out of scope of this project.
#
# NOTE(review): for ADMIN the 802.1Q tag (90) and the number that ends up in
# its prefixes (100) differ. Presumably anything that matches on the tag
# (switch/trunk config) must read `id`, and anything that matches on
# addresses (prefix-based filter rules) must read `effectiveId` - confirm
# against the consumers of this file.
# NOTE(review): this file only names the segments; no filtering between them
# is defined here. Confirm where separation of GUEST / IOT / DMZ from ADMIN
# and INTERNAL is enforced.
let
  # Build one VLAN record. `effectiveId` falls back to `id`, so only VLANs
  # that break the numbering scheme have to spell it out.
  mkVlan =
    { id, name, description, effectiveId ? id }:
    { inherit id name effectiveId description; };
in
{
  vlans = {
    inet = mkVlan {
      id = 1;
      name = "INET";
      description = "ISP uplink — untagged, out of project scope";
    };

    admin = mkVlan {
      id = 90;
      name = "ADMIN";
      # Exception: treated as 100 for prefix computation
      effectiveId = 100;
      description = "Management / hypervisors";
    };

    iot = mkVlan {
      id = 200;
      name = "IOT";
      description = "IoT devices";
    };

    guest = mkVlan {
      id = 300;
      name = "GUEST";
      description = "Guest network";
    };

    dmz = mkVlan {
      id = 400;
      name = "DMZ";
      description = "Public-facing servers (LXC containers)";
    };

    internal = mkVlan {
      id = 500;
      name = "INTERNAL";
      description = "Internal workstations and trusted devices";
    };
  };
}