Network Model v1 (Power-Constrained Phase)
Purpose
Document the as-built network state, the rationale behind it, and the intended evolution path. This is the baseline substrate for ingress, naming, and service exposure decisions.
As-Built Topology
Physical Topology
Internet
|
ISP Modem (Bridge Mode)
|
OpenWRT Router (Single NAT / DHCP / DNS)
|
LAN Clients + Server Nodes
(IPMI connected on-demand only)
Logical Roles
| Role | Device/Service |
|---|---|
| Edge NAT | OpenWRT |
| DHCP Authority | OpenWRT |
| DNS | OpenWRT (AdGuard) |
| VPN Client Egress | OpenWRT (WireGuard -> iVPN) |
| ISP Modem | Bridge mode only (no routing) |
IP Plan (Current)
- Single flat LAN (one subnet).
- DHCP and DNS are authoritative only on OpenWRT.
- Specific CIDR, DHCP ranges, and static reservations live in OpenWRT config.
Trade-offs (Intentional)
- No VLAN segmentation yet: Deferred due to hardware and power constraints.
- No dedicated firewall: OpenWRT fulfills boundary duties for now.
- No managed switch: The network spine is temporary; port/power constraints apply.
- IPMI not always-on: Connected only when needed to conserve ports and power.
Evolution Roadmap
- Phase 1 (Current): Single NAT/DHCP/DNS, flat LAN.
- Phase 2: Add managed switch and introduce VLANs.
- Phase 3: Dedicated firewall and segmented trust zones.