Skip to content

Network topology

Current state — Phase 2 in progress. OPNsense installed, firewall rules pending before Bell DMZ activation. 

graph TB
    INTERNET["Internet"]
    BELL["ISP gateway\n192.168.2.1\nDHCP"]

    subgraph LAN["LAN — REDACTED/24"]
        NODE2["caneast-c1-node2\n.149\nCanEast Workstation"]
        NODE3["caneast-c1-node3\n.237\nCanEast Server"]
        AW["CanEast AI Node\n.10"]
        MQTT1["caneast-c1-mqtt1\n.228\nRPi Zero 2WH"]
        ESP32["caneast-c1-ot1-esp1\n.229\nESP32"]
        FWWAN["caneast-c1-fw1 WAN\n.224\nOPNsense VM"]
    end

    subgraph BRIDGES["Virtual bridges — caneast-c1-node3"]
        BR0["lan-bridge\n192.168.2.0/24\nLAN"]
        DMBR0["dmz-bridge-0\nDMZ\nno host IP"]
        DMBR1["dmz-bridge-1\n10.10.20.0/24\nMGT"]
        DMBR2["dmz-bridge-2\n10.10.30.0/24\nICT"]
    end

    subgraph FWZONES["OPNsense interfaces"]
        FWLAN["LAN\ncaneast-c1-fw1"]
        FWMGT["MGT\ncaneast-c1-fw1"]
        FWICT["ICT\ncaneast-c1-fw1"]
    end

    INTERNET --> BELL
    BELL -->|DMZ pending| FWWAN
    FWWAN --> FWLAN
    FWWAN --> FWMGT
    FWWAN --> FWICT
    NODE3 --- BR0
    NODE3 --- DMBR0
    NODE3 --- DMBR1
    NODE3 --- DMBR2

Port map — caneast-c1-node2

Port Service
3000 Homepage
3001 Uptime Kuma
3002 Grafana
3003 archon-docs
8086 InfluxDB
9000 Portainer
9100 Node Exporter