# Network infrastructure
-## VLANs
+## Networks
-NOC runs 2 core switches (one in each room), carrying a bunch of VLANs:
-- 33 is the management VLAN (192.168.33.0/24);
-- 127 is the LAN (192.168.127.0/24);
-- 255 (`0xFF`) is our Funkfeuer VLAN.
+NOC operates a number of networks, available as tagged VLANs on the core
+switches (one in each half of the hackerspace). These networks are:
+
+| Network | VLAN id | Extra subnets |
+|------------|---------|------------------|
+| Management | 23 | -- |
+| IoT | 33 | -- |
+| Services | 34 | -- |
+| Public | 36 | 89.106.211.32/27 |
+| Guests | 127 | -- |
+| Members | 128 | 89.106.211.64/27 |
+| `0xFF` | 255 | -- |
+
+
+### Conventions
+
+We use a number of conventions to make things more consistent:
+
+- The DNS zone for a given network is `NET.realraum.at`, with the exception
+ of the public services network (which has `realraum.at`);
+- Networks using RFC 1918 IP space use the 192.168.VID.0/24 subnet;
+- The gateway for a network is on the last IP for the subnet.
## WiFi
Each location has a single AP, `ap{0,1}.mgmt.realraum.at`, which provides SSIDs
-for the management VLAN (`realstuff`) and the LAN (`realraum` and `realraum5`);
+for the IoT network (`realstuff`) and the LAN (`realraum` and `realraum5`);
we use Ubiquity hardware running OpenWRT.