Browse Source

first commit

master
王伟梁 7 months ago
commit
6512fc54c1
  1. 82
      doc/苏州公司网络架构.md
  2. BIN
      img/Router01.png
  3. BIN
      img/Router02.png
  4. BIN
      img/WSG.png
  5. BIN
      img/nas00 (1).png
  6. BIN
      img/nas00.png
  7. BIN
      img/router03.png
  8. BIN
      img/switch01.png
  9. BIN
      img/switch02.png
  10. BIN
      img/workstation00.png
  11. BIN
      img/workstation01.png
  12. BIN
      img/workstation02.png
  13. BIN
      img/workstation03.png
  14. BIN
      img/workstation04.png
  15. BIN
      img/workstation05.png

82
doc/苏州公司网络架构.md

@ -0,0 +1,82 @@
# 1 苏州公司办公室设备
## 1.1 管理类设备
| 设备名称 | 主机名 | 设备照片 | IP地址 | MAC地址 | 登陆账户 | 登陆密码 | 主要功能 | 接入设备的网段 | 备注 |
| -------------- | -------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------- | -------- | ---------- | ------------------------------------------------------------ | --------------- | ------------------------------------------------------------ |
| 路由器01 | Router01 | ![route01](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/Router01.png) | 192.168.10.1 [http://ai.cityface.tech:16001](http://ai.cityface.tech:16001/) | 00:E0:67:13:7B:D9 | root | Cit0ry2021 | 1 [拨号上网](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-34-拨号上网) 2 [动态DNS配置](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-动态dns设置) 3 [各路设备端口转发](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-内网端口转发) 4 [SSR服务](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-31-ssr翻墙设置) 5 [设备接入自动提示](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-35-设备接入提示) 6 [静态ip绑定公司内无线设备](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-在路由器01上对无线设备进行静态绑定) 7 [为所有内部设备设置主机名](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-36-设置主机名) 8 [阻止外网ping公司地址](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-阻止外部-ping-公司域名) | 192.168.10.XXX | 该设备为软路由,是整个公司的主路由 |
| 路由器02 | Router02 | ![route02](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/Router02.png) | 192.168.10.2 | 90:E7:10:DA:35:44 | admin | Cit0ry2017 | 1 提供内部设备的无线网络接入服务 2 [无线接入控制](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-37-内网无线接入控制) | 192.168.10.XXX | 该设备与主路由并联,属于旁路由 WiFi SSID:CitoryTech WiFi密码:w4sw3Zvy |
| 路由器03 | Router03 | ![route03](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/router03.jpeg) | 192.168.10.3 | 20:76:93:37:47:D7 | admin | admin | 1 提供访客网络 2 [限制访问内网段的所有设备](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-38-访客网络对于内网访问的限制) 3 [设置自身静态IP,并开启了外网访问](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-39-路由器03的统一管理) | 192.168.123.XXX | 该设备为主路由下的子路由 WiFi SSID:CitoryTech_GUEST WiFi密码:Citory2020 |
| 上网行为管理器 | WSG-50E | ![wsg](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/WSG.png) | 192.168.10.4 | e4:3a:6e:28:05:36 | admin | Cit0ry2017 | 1 [限制实习生4台台式机访问特定网络](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-网络白名单) 2 [限制实习生4台台式机除了访问网页以外所有的其他网络服务](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-其他一切网络服务的禁止) | 192.168.10.XXX | |
| 交换机01 | Switch01 | ![switch01](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/switch01.jpeg) | 无 | 无 | 无 | 无 | 1 连接办公室各台机 2 完成这些设备间的数据传输([静态IP绑定](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定)) 3 连接交换机02 4 连接路由器03 | 192.168.10.XXX | |
| 交换机02 | Switch02 | ![switch02](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/switch02.png) | 无 | 无 | 无 | 无 | 1 连接机房各设备 2 完成这些设备间的数据传输([静态IP绑定](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定)) | 192.168.10.XXX | |
| 苏州路由器01 | Router01 | | 192.168.100.1 | 无 | root | Cit0ry2021 | 主路由器 | 192.168.100.XXX | |
| 苏州路由器02 | Router02 | | 192.168.100.2 | 无 | admin | 1600@CTCC | wifi | | |
## 1.2 机房设备
| 设备名称 | 主机名 | 设备照片 | IP地址 | MAC地址 | 备注 |
| -------- | ------------- | ------------------------------------------------------------ | ----------------------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
| NAS | NAS | ![nas00](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/nas00.png) | 192.168.10.200 192.168.10.216 192.168.10.217 192.168.10.218 | 00:11:32:7F:EB:FE 00:11:32:7F:EB:FB 00:11:32:7F:EB:FC 00:11:32:7F:EB:FD | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) NAS由于被多个机器同时连接传输写入,会严重影响速度,影响目录和文件的读取之类的,所以Nas做了聚合链路。NAS有四个网口,所以聚合之后可以同时四台机器访问Nas不会互相影响速度。 关于NAS设置,请看[NAS](https://www.synology.com/zh-cn/knowledgebase/DSM/help/DSM/AdminCenter/connection_network_linkaggr) |
| NAS-NEW | NAS(新) | ![nas00](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/nas00.png) | 192.168.10.220 | 00:11:32:C8:86:46 | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) 未做链路聚合 关于NAS设置,请看[NAS](https://www.synology.com/zh-cn/knowledgebase/DSM/help/DSM/AdminCenter/connection_network_linkaggr) |
| 工作站00 | Workstation00 | ![workstation00](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation00.png) | 192.168.10.100 | FC:AA:14:E1:BB:AB | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 工作站01 | Workstation01 | ![workstation01](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation01.png) | 192.168.10.101 | 2C:4D:54:47:69:1B | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 工作站02 | Workstation02 | ![workstation02](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation02.png) | 192.168.10.102 | AC:1F:6B:94:2E:4F | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 工作站03 | Workstation03 | ![workstation03](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation03.png) | 192.168.10.103 | 30:9C:23:49:41:73 | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 工作站04 | Workstation04 | ![workstation04](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation04.png) | 192.168.10.104 | E0:D5:5E:2B:EF:D4 | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 工作站05 | Workstation05 | ![workstation04](https://git.citorytech.com/liuliu/Regulation-Private/raw/branch/master/img/NetworkSetup/workstation05.png) | 192.168.10.105 | 04:D4:C4:5D:0A:DE | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 存储盘 | Storagedisk | | 192.168.10.201 | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定)公司内部共享盘主机 |
## 1.3 办公室设备
| 设备名称 | 主机名 | IP地址 | MAC地址 | 远程桌面端口 | 远程ssh端口 | 备注 |
| ---------------- | -------------------- | -------------- | ------------------- | ------------ | ----------- | ------------------------------------------------------------ |
| 邵金鑫的台式机 | Mac_Shaojinxin | 192.168.10.121 | 88:d7:f6:c4:25:ab | 3391 | 13391 | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 王伟粱的台式机 | Desktop_Wangweiliang | 192.168.10.161 | DESKTOP-5T6BM88.lan | 3394 | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 王伟粱的台式机 | Mac_Wangweiliang | 192.168.10.124 | 4C:ED:FB:43:7F:78 | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| suzhou_ubuntu01 | ubuntu_server125 | 192.168.10.125 | 4C:ED:FB:CA:44:73 | | 13395 | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 卢忠明的台式机 | Mac_Luzhongming | 192.168.10.126 | FA:DA:96:6F:16:43 | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) |
| 实习生的台式机01 | Desktop_intern01 | 192.168.10.127 | 0C:4D:E9:AC:76:EA | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) 实习生临时工位,上网行为受限制 |
| 实习生的台式机02 | Desktop_Intern02 | 192.168.10.128 | DESKTOP-P7831C9 | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) 实习生临时工位,上网行为受限制 |
| 实习生的台式机03 | Desktop_Intern03 | 192.168.10.129 | 88:D7:F6:C4:25:AB | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) 实习生临时工位,上网行为受限制 |
| 实习生的台式机04 | Desktop_Intern04 | 192.168.10.130 | DESKTOP-P7831C9 | | | 自身已[设定静态IP](https://git.citorytech.com/liuliu/Regulation-Private/src/branch/master/公司网络架构.md#user-content-33-静态ip绑定) 实习生临时工位,上网行为受限制 |
| 张鼎的台式机 | Mac_Zhangdin | 192.168.10.219 | 4C:20:B8:E4:24:08 | | | |
## 1.4 公司内网转发端口规则
#### 注:端口范围指在服务器上开启该范围内的端口即可用域名(ai.cityface.tech)访问
| 设备名称 | 内部IP | 内部访问端口(范围) | 外部访问端口 |
| --------------------------- | -------------- | ------------------ | ------------ |
| 主路由 | 192.168.10.1 | 80 | 16001 |
| 旁路由wifi | 192.168.10.3 | 80 | 16003 |
| Guest wifi 路由器 | 192.168.10.4 | 8080 | 16004 |
| 网络行为管理器 | 192.168.10.5 | 80 | 16005 |
| 共享盘对外服务 | 192.168.10.201 | 445 | 15000 |
| Workstation00-api | 192.168.10.100 | 10000-10099 | 10000-10099 |
| Workstation01-api | 192.168.10.101 | 10100-10104 | 10100-10104 |
| Workstation02-api | 192.168.10.102 | 10200-10299 | 10200-10299 |
| Workstation03-api | 192.168.10.103 | 10300-10399 | 10300-10399 |
| Workstation04-api | 192.168.10.104 | 10400-10499 | 10400-10499 |
| Workstation05-api | 192.168.10.105 | 10500-10599 | 10500-10599 |
| Old_nas_web | 192.168.10.200 | 5000-5001 | 5002-5003 |
| Workstation01-alilanduse | 192.168.10.101 | 10805 | 10805 |
| Workstation01-pg | 192.168.10.101 | 32768 | 32768 |
| Workstation05-pg | 192.168.10.105 | 32770 | 32770 |
| workstation05-pg2 | 192.168.10.105 | 32769 | 32769 |
| Workstation00-ssh | 192.168.10.100 | 2200 | 2200 |
| Workstation01-ssh | 192.168.10.101 | 2201 | 220 |
| workstation02-ssh | 192.168.10.102 | 2202 | 2202 |
| Workstation03-ssh | 192.168.10.103 | 2203 | 2203 |
| Workstation04-ssh | 192.168.10.104 | 2204 | 2204 |
| Workstation05-ssh | 192.168.10.105 | 2205 | 2205 |
| Mac_Shaojinxin-ssh | 192.168.10.121 | 22 | 13391 |
| Suzhou_ubuntu01-ssh | 192.168.10.125 | 22 | 13395 |
| remote_Liuliu_desktop | 192.168.10.201 | 3390 | 3390 |
| remote_Shaojinxin_desktop | 192.168.10.121 | 3391 | 3391 |
| remote_Wangweiliang_desktop | 192.168.10.161 | 3394 | 3394 |

BIN
img/Router01.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.4 MiB

BIN
img/Router02.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.3 MiB

BIN
img/WSG.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.1 MiB

BIN
img/nas00 (1).png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.5 MiB

BIN
img/nas00.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.5 MiB

BIN
img/router03.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.0 MiB

BIN
img/switch01.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.3 MiB

BIN
img/switch02.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.9 MiB

BIN
img/workstation00.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.6 MiB

BIN
img/workstation01.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 2.2 MiB

BIN
img/workstation02.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.9 MiB

BIN
img/workstation03.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 909 KiB

BIN
img/workstation04.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.7 MiB

BIN
img/workstation05.png

Binary file not shown.

After

Width:  |  Height:  |  Size: 202 KiB

Loading…
Cancel
Save