HFML-FELIX has several different networks to keep different environments separated, and thereby to protect, e.g., lab computers from internet-connected office computers. It's possbile to gain remote access by Openvpn.
networks
[edit | edit source]
The different networks are:
- Office network (grey, vLAN 14, science.ru.nl), with a subset being designated the Blue network
- Machine network (green, vLAN 814, fxmnet.science.ru.nl)
- User network (yellow, vLAN 914, fxunet.science.ru.nl)
- FLARE LINAC network (orange, no vLAN because not distributed over ILS switches)
- Esxi host only network (black, no vLAN because not distributed over ILS switches)
- HFML network (vLAN 36)
- HFML installation network
- Iotroam (wifi for IOT devices)
| Network | Typical IP address | UTP cable color |
|---|---|---|
| Office | 131.174.x.y | Grey |
| eduroam | 145.116.c.d | wireless |
| User | 192.168.114.x | Yellow |
| Machine | 192.168.14.y | Green |
| FLARE linac | 192.168.1.x | Orange |
switches and uplink to Huygens
[edit | edit source]In FX-1.04 there are two switch-stacks (es1-fel-k1-04 and es2-fel-k1-04 consisting of 5 and 3 modules, respectively. In FEL1-3 there are 8x46 ports available. Each switch-stack (like every other switch-stack at the faculty) has two redundant 1 Gb/s uplinks to the router in Huygens building. FEL4 is connected to two switch-stacks (es1-hfml-01-13 and es2-hfml-01-13) at HFML (ML01.13) consisting of 5 and 2 46-port modules, respectively. Those switches also each have two redundant 1 Gb/s uplinks to the router at Huygens. [1]
network shares
[edit | edit source]The various network shares are usually accessible from multiple networks with different access levels. For instance, a data share would have full access from a lab pc on the user network, and read-only access from the office network, the idea being that measurement data can be written from the lab pc, and then collected (but not altered) on an office pc for further processing.
An example would be the share fis-data-1, which has full access from the user network at the URL \\felixdisk.science.ru.nl\fis-data-1, and read-only access from the office network at \\felixdisk.science.ru.nl\fis-data-1r, the postfix -r signifying the read-only nature of the share.
connection loss prevention on power out
[edit | edit source]The switches in the FELIX SER 135 FX-1.04 serve most of the FELIX building, with the exception of the "FEL4-offices" (FX00.50+ and FX01.xx) which are served from the HFML SER. The first two units (AS-135-1-1, AS-135-1-2, AS-135-2-1, AS-135-2-2) of both stacks at FELIX are connected to a UPS, so should stay up for several minutes. All the important servers and PLCs at FELIX have been connected to those two stacks. The stacks themselves are interconnected via the distibution router in the Huygens building (drh), which is also on UPS. Therefore, communication between the stacks should also stay up. The Ascom IP-DECT gateway is also on a protected switch (as-135-1/2/0/16) so DECT telephony should also survive a power out of a few minutes.
File:FELIX-Patchingen 20231124.xlsx
References and links
[edit | edit source]- ↑ Marcel Kuppens, personal communication to Victor Claessen, 2020-11-03
