Network

See also

Wiki page SystemAdministration/IPList

blockdiag internet intranet 172.16.2.0/24 br0 10.0.0.0/24 116.203.192.12 extmon 213.154.225.224/27 172.17.2.3 router 172.16.2.10 10.0.0.1 infra02 container1 container2 containerX

IPv4 network

blockdiag internet intranet 2001:7b8:616:162:1::/80 br0 2001:7b8:616:162:2::/80 2a01:4f8:c2c:a5b9::1 extmon router ...:1::10 ...:2::1 infra02 container1 container2 containerX

IPv6 network

Internet

CAcert has a public Internet IPv4 address range and some of the Internet IP addresses are mapped to the infrastructure systems.

The infrastructure systems use IPv4 addresses from the 213.154.225.224/27 subnet.

IPv6 connectivity is also available. The infrastructure IPv6 addresses are taken from the 2001:7b8:616:162:1::/80 and 2001:7b8:616:162:2::/80 ranges.

External monitoring is provided from the ranges 116.203.192.12/32 and 2a01:4f8:c2c:a5b9::1/128.

Intranet

CAcert’s infrastructure systems are using a private network range that is accessible from other CAcert systems. The Intranet IPv4 addresses are in the 172.16.2.0/24 subnet.

Internal

The infrastructure host Infra02 has a local bridge interface br0 that is used to connect the containers on that machine and allows explicit routing as well as services that are purely internal and are not reachable from the Internet or Intranet machines in the IP range mentioned above.

The local bridge uses IPv4 addresses from the 10.0.0.0/24 range. IPv6 addresses are directly assigned to containers from the 2001:7b8:616:162:2::/80 range.