Ember (Diskussion | Beiträge) K (readability fixes) |
Ember (Diskussion | Beiträge) K (add info about certs on apple devices) |
||
Zeile 27: | Zeile 27: | ||
<div class="header-link__button">[[GPN22:Map|Map]]</div> | <div class="header-link__button">[[GPN22:Map|Map]]</div> | ||
<div class="header-link__button">[https://social.gulas.ch/@noc Fediverse]</div> | <div class="header-link__button">[https://social.gulas.ch/@noc Fediverse]</div> | ||
<div class="header-link__button">[mailto:noc@gulas.ch E- | <div class="header-link__button">[mailto:noc@gulas.ch E-mail] | ||
</div> | </div> | ||
</div> | </div> | ||
Zeile 60: | Zeile 60: | ||
* [https://cloud.entropia.de/s/s2K2DMf3N7jCzp9/download?path=%2F&files=GPN%20-%20Event%20inbound%20only%20WiFi-Signed.mobileconfig Event inbound only] | * [https://cloud.entropia.de/s/s2K2DMf3N7jCzp9/download?path=%2F&files=GPN%20-%20Event%20inbound%20only%20WiFi-Signed.mobileconfig Event inbound only] | ||
* [https://cloud.entropia.de/s/s2K2DMf3N7jCzp9/download?path=%2F&files=GPN%20-%20inbound%20open%20WiFi-Signed.mobileconfig Yolo-Mode] | * [https://cloud.entropia.de/s/s2K2DMf3N7jCzp9/download?path=%2F&files=GPN%20-%20inbound%20open%20WiFi-Signed.mobileconfig Yolo-Mode] | ||
If you don't use the profiles, you must click trust on the certificate for <code>radius.noc.gulas.ch</code>. | |||
==== Configuration on most systems ==== | ==== Configuration on most systems ==== | ||
*Username/Identity: see above | *Username/Identity: see above | ||
*Password: see above | *Password: see above | ||
*(only on MacOS) Identity: none | |||
*Domain: <code>radius.noc.gulas.ch</code> | *Domain: <code>radius.noc.gulas.ch</code> | ||
*CA certificate: <code>Use system certificate</code> or Trust on first use (on modern Android Devices) | *CA certificate: <code>Use system certificate</code> or Trust on first use (on modern Android Devices) | ||
**Otherwise use the [https://letsencrypt.org/certs/isrgrootx1.pem ISRG Root X1] from [https://letsencrypt.org/certificates/ Let's Encrypt]. | **Otherwise use the [https://letsencrypt.org/certs/isrgrootx1.pem ISRG Root X1] from [https://letsencrypt.org/certificates/ Let's Encrypt]. | ||
If you want to check that you really connect to the insecure network of ''your'' choice, please verify the certificate of CN <code>radius.noc.gulas.ch</code> is issued by [https://letsencrypt.org/certificates/ Let's Encrypt].<div class="home-card home-card--col2"> | |||
If you want to check that you really connect to the insecure network of ''your'' choice, please verify the certificate of CN <code>radius.noc.gulas.ch</code> is issued by [https://letsencrypt.org/certificates/ Let's Encrypt]. | |||
You can find example configs on [[GPN22:NOC/Wireless]]<div class="home-card home-card--col2"> | |||
=== Colocation === | === Colocation === | ||
Like the years before we are providing a colocation at GPN22. | Like the years before we are providing a colocation at GPN22. | ||
Zeile 81: | Zeile 86: | ||
==== Location ==== | ==== Location ==== | ||
This year it is in the Pförtnerhäuschen, which is the locked space that housed the | This year it is in the Pförtnerhäuschen, which is the locked space that housed the YoloColo back at GPN19. | ||
This location has limited cooling and power budget and cannot accommodate for power hungry devices. | This location has limited cooling and power budget and cannot accommodate for power hungry devices. | ||
Zeile 87: | Zeile 92: | ||
==== Basic Rules and Policy ==== | ==== Basic Rules and Policy ==== | ||
* | * Be excellent to each other! | ||
* we reserve the right to disconnect your server | * we reserve the right to disconnect your server | ||
* access is only allowed in the presence of NOC staff | * access is only allowed in the presence of NOC staff | ||
* devices must be labeled with an e-mail-address and a DECT-Number (if you have one) | * devices must be labeled with an e-mail-address and a DECT-Number (if you have one) | ||
* prepare your server before placing it in colocation. | * prepare your server before placing it in colocation. Outside of placing and picking up, we can only grant access to the colocation in exceptional cases | ||
==== How to connect ==== | ==== How to connect ==== | ||
Zeile 111: | Zeile 116: | ||
** verify yourself with DECT or PSK | ** verify yourself with DECT or PSK | ||
** collect your server | ** collect your server | ||
==== Connection/Uplink ==== | ==== Connection/Uplink ==== | ||
Zeile 126: | Zeile 125: | ||
IP addressing is static only. We use "Laundry Clip DHCP": Get your laundry clip at the NOC Desk and attach it to your network cable. Please bring back the laundry clips after the event. | IP addressing is static only. We use "Laundry Clip DHCP": Get your laundry clip at the NOC Desk and attach it to your network cable. Please bring back the laundry clips after the event. | ||
Configure your network interfaces like | Configure your network interfaces like shown below (X is your laundry clip number) | ||
===== IPv4 ===== | ====== IPv4 ====== | ||
Address: | Address: 151.216.65.X/24 | ||
Gateway: | Gateway: 151.216.65.1 | ||
===== IPv6 ===== | ====== IPv6 ====== | ||
Address: | Address: 2a0e:c5c1:0:10c9::X/64 | ||
Gateway: | Gateway: 2a0e:c5c1:0:10c9::1 | ||
==== Pixelflut ==== | |||
Pixelflut is not hosted by NOC. Some people create a completely separated and isolated network with no access to the GPN-Network. | |||
You will find a dedicated switch for Pixelflut in the YoloColo. Having two network-cards is recommended. | |||
You can find more information here: [[GPN22:Pixelflut]] | |||
</div> | </div> | ||
<templatestyles src="Vorlage:Main_Page/header/styles.css" /><noinclude><templatestyles src="Vorlage:Main_Page/shared/styles.css" /></noinclude> | <templatestyles src="Vorlage:Main_Page/header/styles.css" /><noinclude><templatestyles src="Vorlage:Main_Page/shared/styles.css" /></noinclude> |
Version vom 27. Mai 2024, 20:20 Uhr
Wireless
You can find the WiFi credentials below
SSID | Authentication | Security |
GPN-open | WPA3 OWE/WPA2 open | |
GPN | gpn/gpn | WPA3/WPA2 enterprise |
Contact
WPA-Enterprise
WiFi-Credentials
Username | Password | Mode |
gpn | gpn | Default. Protected; no inbound connections allowed |
event-inbound-only | event-inbound-only | Inbound connections only allowed from the Event Network |
yolo | yolo | Yolo-Mode; Inbound allowed from anywhere |
Configuration on Apple Devices
You can configure the WiFi youself, or use our provided signed profiles for the different modes:
If you don't use the profiles, you must click trust on the certificate for radius.noc.gulas.ch
.
Configuration on most systems
- Username/Identity: see above
- Password: see above
- (only on MacOS) Identity: none
- Domain:
radius.noc.gulas.ch
- CA certificate:
Use system certificate
or Trust on first use (on modern Android Devices)- Otherwise use the ISRG Root X1 from Let's Encrypt.
If you want to check that you really connect to the insecure network of your choice, please verify the certificate of CN radius.noc.gulas.ch
is issued by Let's Encrypt.
You can find example configs on GPN22:NOC/Wireless
Colocation
Like the years before we are providing a colocation at GPN22.
In case of problems, find us at the NOC desk or call DECT 6620.
We will try to provide the colocation as best effort. Normal GPN-Network has priority.
You should be able to use the colocation starting Thursday afternoon.
We close the colocation on Sunday (timestamp will be added soon), please fetch your devices before then!
Location
This year it is in the Pförtnerhäuschen, which is the locked space that housed the YoloColo back at GPN19.
This location has limited cooling and power budget and cannot accommodate for power hungry devices.
Basic Rules and Policy
- Be excellent to each other!
- we reserve the right to disconnect your server
- access is only allowed in the presence of NOC staff
- devices must be labeled with an e-mail-address and a DECT-Number (if you have one)
- prepare your server before placing it in colocation. Outside of placing and picking up, we can only grant access to the colocation in exceptional cases
How to connect
- bring you own SFP(+) transceivers and cables (we do not have any cables or transceivers for the colocation)
- add a label with your e-mail(must) / DECT(should) on any devices in the colocation
- talk to NOC
- you will receive a clothespin with an ip-address (v4 and v6)
- NOC will provide access to the colocation
- NOC will verify the label with the dect-number on the server
- exchange PSK with NOC (you will need your DECT or PSK to retrieve your server)
How to retrieve your server
- shutdown your server remotely (minimize time spent in colocation)
- talk to NOC
- is your server powered off?
- NOC will provide access to the colocation
- verify yourself with DECT or PSK
- collect your server
Connection/Uplink
YoloColo is connected with 100G to our core.
Your server can connect with 10G to our YoloColo-Switch.
Addressing
IP addressing is static only. We use "Laundry Clip DHCP": Get your laundry clip at the NOC Desk and attach it to your network cable. Please bring back the laundry clips after the event.
Configure your network interfaces like shown below (X is your laundry clip number)
IPv4
Address: 151.216.65.X/24
Gateway: 151.216.65.1
IPv6
Address: 2a0e:c5c1:0:10c9::X/64
Gateway: 2a0e:c5c1:0:10c9::1
Pixelflut
Pixelflut is not hosted by NOC. Some people create a completely separated and isolated network with no access to the GPN-Network.
You will find a dedicated switch for Pixelflut in the YoloColo. Having two network-cards is recommended. You can find more information here: GPN22:Pixelflut