IP Address Tables
Master per-host IP reference for Site A and Site B: Proxmox management, IPMI, Corosync, storage, Ceph, backup, DNS, PBS, and Kubernetes VIP addresses.
Per-host and per-service IP reference for both sites. For the subnet layout and address-block convention, see IP Addressing; for switch port assignments, see Port Tables.
Site A Physical Hosts
Supernet 10.10.0.0/16. Hosts hold an L3 address only on the infrastructure VLANs they terminate; VM-service and client VLANs (30, 40, 50, 70, 80, 100, 110, 120) are bridged with no host IP.
| Host | Proxmox Mgmt (VLAN 20) | IPMI (VLAN 10) | Corosync (VLAN 25) | Storage / Ceph public (VLAN 60) | Backup / Replication (VLAN 90) |
|---|---|---|---|---|---|
sa-edge-01 | 10.10.20.10 | 10.10.10.10 | 10.10.25.10 | — | — |
sa-cmp-01 | 10.10.20.11 | — | 10.10.25.11 | 10.10.60.11 | 10.10.90.11 |
sa-cmp-02 | 10.10.20.12 | — | 10.10.25.12 | 10.10.60.12 | 10.10.90.12 |
sa-stor-01 | 10.10.20.20 | 10.10.10.20 | 10.10.25.20 | 10.10.60.20 | 10.10.90.20 |
sa-cmp-01 and sa-cmp-02 are ThinkPads — no IPMI at any phase. sa-edge-01 carries no storage or backup interfaces; Proxmox migration traffic falls back to VLAN 20.
Site B Physical Hosts
Supernet 10.20.0.0/16. Site B adds VLAN 65 (Ceph cluster, no GW) for Ceph replication traffic; it must stay local and must not traverse WireGuard.
| Host | Proxmox Mgmt (VLAN 20) | IPMI (VLAN 10) | Corosync (VLAN 25) | Ceph public (VLAN 60) | Ceph cluster (VLAN 65) | Backup / Replication (VLAN 90) |
|---|---|---|---|---|---|---|
sb-edge-01 | 10.20.20.10 | 10.20.10.10 | 10.20.25.10 | — | — | — |
sb-cmp-01 | 10.20.20.20 | 10.20.10.20 | 10.20.25.20 | 10.20.60.20 | 10.20.65.20 | 10.20.90.20 |
sb-cmp-02 | 10.20.20.21 | 10.20.10.21 | 10.20.25.21 | 10.20.60.21 | 10.20.65.21 | 10.20.90.21 |
sb-cmp-03 | 10.20.20.30 | 10.20.10.30 | 10.20.25.30 | 10.20.60.30 | 10.20.65.30 | 10.20.90.30 |
sb-cmp-04 | 10.20.20.31 | 10.20.10.31 | 10.20.25.31 | 10.20.60.31 | 10.20.65.31 | 10.20.90.31 |
sb-cmp-05 | 10.20.20.32 | 10.20.10.32 | 10.20.25.32 | 10.20.60.32 | 10.20.65.32 | 10.20.90.32 |
sb-edge-01 carries no Ceph or backup interfaces. VLAN 25 (Corosync) and VLAN 65 (Ceph cluster) have no OPNsense gateway by design.
Infrastructure Management (VLAN 10)
Switches, demoted routers, and APs hold static addresses in the .2–.9 infra band. These supersede the older UniFi XG .11/.12 and USW .11 assignments.
| Device | Site A | Site B |
|---|---|---|
OPNsense gateway (.1) | 10.10.10.1 | 10.20.10.1 |
Netgear core switch (sa-sw-01 / sb-sw-01) | 10.10.10.2 | 10.20.10.2 |
Access switch #1 (sa-sw-02 / sb-sw-02) | 10.10.10.3 | 10.20.10.3 |
Access switch #2 (sa-sw-03) | 10.10.10.4 | — |
Demoted router (sa-gw / sb-gw) | 10.10.10.5 | 10.20.10.4 |
sa-ap-01 (UniFi U7 Pro XGS) | 10.10.10.6 | — |
Service VMs
DNS VMs
Technitium DNS VMs run on VLAN 30 (VM Services). sa-dns-01 and sb-dns-01 are primaries; sa-dns-02 and sb-dns-02 replicate via AXFR.
| VM | Site A | Site B |
|---|---|---|
| DNS primary | 10.10.30.10 (sa-dns-01) | 10.20.30.10 (sb-dns-01) |
| DNS secondary | 10.10.30.11 (sa-dns-02) | 10.20.30.11 (sb-dns-02) |
Secrets & Controller VMs
OpenBao (secrets manager) runs on VLAN 30 in the .40 service band, one instance per site on the edge E200s. The UniFi OS Server controller is Site A-only, on VLAN 10 alongside the devices it adopts.
| VM | Site A | Site B |
|---|---|---|
OpenBao (sa-bao-01 / sb-bao-01, VLAN 30) | 10.10.30.40 | 10.20.30.40 |
UniFi OS Server (sa-uos-01, VLAN 10) | 10.10.10.40 | — (adopts over WireGuard) |
Proxmox Backup Server
Proxmox Backup Server (PBS) is dual-homed: management on VLAN 30 (VM Services), backup data on VLAN 90 (Backup / Replication). The backup-data NIC sits in the .40 service band to avoid colliding with host addresses in the .10–.39 band.
| Interface | Site A — PBS-A | Site B — PBS-B |
|---|---|---|
| Management (VLAN 30) | 10.10.30.20 | 10.20.30.20 |
| Backup data (VLAN 90) | 10.10.90.40 | 10.20.90.40 |
Kubernetes VIPs (VLAN 50)
K8s load-balancer and VIP addresses live on VLAN 50 (K8s LB / VIPs). MetalLB pools span .200–.250 at both sites.
| Purpose | Site A | Site B |
|---|---|---|
| Kubernetes API VIP | 10.10.50.10 | 10.20.50.10 |
| Ingress (HTTP/S) VIP | 10.10.50.11 | 10.20.50.11 |
| MetalLB pool | 10.10.50.200 – 10.10.50.250 | 10.20.50.200 – 10.20.50.250 |
Related Pages
- IP Addressing — supernet layout, bootstrap network, and per-phase address plan
- Addressing Convention — the
.1–.254band rules used in every routed/24 - IP Explorer — interactive map of all host and service addresses