Skip to content
MicrosoftLab.ch
Blog

IP Addressing Schema

VLAN Overview

Section titled “VLAN Overview”
VLANNameSubnetGatewayPurpose
1zrh-default-v110.1.1.0/2410.1.1.1UniFi Devices
10zrh-mgmt-v1010.10.10.0/2410.10.10.1Management
20zrh-san-v2010.20.20.0/24-Storage (isolated)
30zrh-srv-v3010.30.30.0/2410.30.30.1Servers
40zrh-clt-v4010.40.40.0/2210.40.40.1Clients
50zrh-dmz-v5010.50.50.0/2810.50.50.1DMZ
60zrh-vpn-v6010.60.60.0/2410.60.60.1VPN

VLAN 10 - Management (10.10.10.0/24)

Section titled “VLAN 10 - Management (10.10.10.0/24)”
IP AddressHostnameDescription
10.10.10.1fw-edge-zrh-01Gateway
10.10.10.2sw-core-zrh-01Core Switch
10.10.10.3sw-dist-zrh-01Distribution Switch
10.10.10.11srv-pve-zrh-01Proxmox Node 1
10.10.10.12srv-pve-zrh-02Proxmox Node 2
10.10.10.20srv-rpi-zrh-01Raspberry Pi (QDevice)

VLAN 20 - Storage (10.20.20.0/24)

Section titled “VLAN 20 - Storage (10.20.20.0/24)”
IP AddressHostnameDescription
10.20.20.11srv-pve-zrh-01Proxmox Node 1 (Storage)
10.20.20.12srv-pve-zrh-02Proxmox Node 2 (Storage)

Note: No gateway - isolated network for storage traffic. MTU 9000.

VLAN 30 - Servers (10.30.30.0/24)

Section titled “VLAN 30 - Servers (10.30.30.0/24)”

Domain Controllers

Section titled “Domain Controllers”
IP AddressHostnameVM IDRole
10.30.30.10srv-dc-zrh-01300Forest Root DC, DHCP
10.30.30.15srv-dcc-zrh-01305Child Domain DC

PKI Infrastructure

Section titled “PKI Infrastructure”
IP AddressHostnameVM IDRole
10.30.30.20srv-rca-zrh-01310Root CA (Offline, WORKGROUP)
10.30.30.21srv-ica-zrh-01311Issuing CA
10.30.30.22srv-pki-zrh-01312PKI Web Repository
10.30.30.23srv-pki-zrh-02313PKI Web Repository

Management

Section titled “Management”
IP AddressHostnameVM IDRole
10.30.30.70srv-jump-zrh-01370Jump Host

Reserved Ranges

Section titled “Reserved Ranges”
RangePurpose
10.30.30.1-9Network/Reserved
10.30.30.10-19Domain Controllers
10.30.30.20-29PKI Infrastructure
10.30.30.30-39File Services
10.30.30.40-49Database Servers
10.30.30.50-69Application Servers
10.30.30.70-79Management
10.30.30.100-200DHCP Range
10.30.30.250Temporary Setup

DHCP Scope (VLAN 30)

Section titled “DHCP Scope (VLAN 30)”
SettingValue
Scope Namezrh-srv-v30
Start Range10.30.30.100
End Range10.30.30.200
Subnet Mask255.255.255.0
Gateway10.30.30.1
DNS Servers10.30.30.15, 10.30.30.10
DNS Domaincorp.microsoftlab.ch
Lease Duration8 days

VLAN 40 - Clients (10.40.40.0/22)

Section titled “VLAN 40 - Clients (10.40.40.0/22)”
AttributeValue
Network10.40.40.0
Subnet Mask255.255.252.0 (/22)
Usable Range10.40.40.1 - 10.40.43.254
Broadcast10.40.43.255
Total Hosts1022

Static Assignments

Section titled “Static Assignments”
IP AddressHostnameVM IDDescription
10.40.40.10clt-admin-zrh-01400Admin Workstation (optional)

DHCP Scope (VLAN 40)

Section titled “DHCP Scope (VLAN 40)”
SettingValue
Scope Namezrh-clt-v40
Start Range10.40.40.100
End Range10.40.43.254
Subnet Mask255.255.252.0
Gateway10.40.40.1
DNS Servers10.30.30.15, 10.30.30.10
DNS Domaincorp.microsoftlab.ch
Lease Duration8 days

VLAN 60 - VPN (10.60.60.0/24)

Section titled “VLAN 60 - VPN (10.60.60.0/24)”
IP AddressDescription
10.60.60.1VPN Gateway (UniFi)
10.60.60.2HP Elitebook (Maurice)
10.60.60.3-254VPN Client Pool

DNS Service Alias

Section titled “DNS Service Alias”
DNS NameIP Address(es)Purpose
pki.microsoftlab.ch10.30.30.22, 10.30.30.23PKI CRL/AIA (Round Robin)