infrastructure/network/README.md

# Network Infrastructure Management

Comprehensive management tools for network infrastructure including switches, routers, VLANs, and network topology.

## Overview

This directory contains management components for network infrastructure across Sankofa Phoenix sites, including:

- **Switches**: Configuration management for network switches
- **Routers**: Router configuration and routing protocol management
- **VLANs**: VLAN configuration and tracking
- **Topology**: Network topology discovery and visualization

## Components

### Switches (`switches/`)

Switch management tools for:
- VLAN configuration
- Port configuration
- Trunk/LAG setup
- STP configuration
- Port security
- SNMP monitoring

### Routers (`routers/`)

Router management tools for:
- Routing table management
- BGP/OSPF configuration
- Firewall rules
- NAT configuration
- VPN tunnels
- Interface configuration

### VLANs (`vlans/`)

VLAN management for:
- VLAN creation and deletion
- VLAN assignment to ports
- VLAN trunking
- Inter-VLAN routing
- VLAN tracking across sites

## Usage

### Switch Configuration

```bash
# Configure switch VLAN
./switches/configure-vlan.sh \
  --switch switch-01 \
  --vlan 100 \
  --name "Employee-Network" \
  --ports "1-24"

# Configure trunk port
./switches/configure-trunk.sh \
  --switch switch-01 \
  --port 25 \
  --vlans "100,200,300"
```

### Router Configuration

```bash
# Configure BGP
./routers/configure-bgp.sh \
  --router router-01 \
  --asn 65001 \
  --neighbor 10.0.0.1 \
  --remote-asn 65000

# Configure OSPF
./routers/configure-ospf.sh \
  --router router-01 \
  --area 0 \
  --network 10.1.0.0/24
```

### VLAN Management

```bash
# Create VLAN
./vlans/create-vlan.sh \
  --vlan 100 \
  --name "Employee-Network" \
  --description "Employee network segment"

# Assign VLAN to switch port
./vlans/assign-vlan.sh \
  --switch switch-01 \
  --port 10 \
  --vlan 100
```

## Network Topology

### Discovery

```bash
# Discover network topology
./discover-topology.sh --site us-east-1

# Export topology
./export-topology.sh --format graphviz --output topology.dot
```

### Visualization

Network topology can be visualized using:
- Graphviz
- D3.js
- React Flow (in Portal)

## Integration with Omada

Network management integrates with TP-Link Omada for:
- Unified network policy management
- Centralized VLAN configuration
- Network analytics

See [Omada Management](../omada/README.md) for details.

## Configuration

### Switch Configuration

```yaml
switches:
  - name: switch-01
    model: TP-Link T1600G
    ip: 10.1.0.1
    vlans:
      - id: 100
        name: Employee-Network
        ports: [1-24]
      - id: 200
        name: Guest-Network
        ports: [25-48]
    trunks:
      - port: 49
        vlans: [100, 200, 300]
```

### Router Configuration

```yaml
routers:
  - name: router-01
    model: TP-Link ER7206
    ip: 10.1.0.254
    bgp:
      asn: 65001
      neighbors:
        - ip: 10.0.0.1
          asn: 65000
    ospf:
      area: 0
      networks:
        - 10.1.0.0/24
        - 10.2.0.0/24
```

### VLAN Configuration

```yaml
vlans:
  - id: 100
    name: Employee-Network
    description: Employee network segment
    subnet: 10.1.100.0/24
    gateway: 10.1.100.1
    dhcp: true
    switches:
      - switch-01: [1-24]
      - switch-02: [1-24]
  
  - id: 200
    name: Guest-Network
    description: Guest network segment
    subnet: 10.1.200.0/24
    gateway: 10.1.200.1
    dhcp: true
    isolation: true
```

## Monitoring

Network monitoring includes:
- SNMP monitoring for switches and routers
- Flow monitoring (NetFlow/sFlow)
- Network performance metrics
- Topology change detection

See [Monitoring](../monitoring/README.md) for details.

## Security

- Network segmentation via VLANs
- Port security on switches
- Firewall rules on routers
- Network access control
- Regular security audits

## Troubleshooting

### Common Issues

**Switch connectivity:**
```bash
./switches/test-connectivity.sh --switch switch-01
```

**VLAN issues:**
```bash
./vlans/diagnose-vlan.sh --vlan 100
```

**Routing problems:**
```bash
./routers/diagnose-routing.sh --router router-01
```

## Related Documentation

- [Omada Management](../omada/README.md)
- [System Architecture](../../docs/system_architecture.md)
- [Infrastructure Management](../README.md)
Apply Composer changes: comprehensive API updates, migrations, middleware, and infrastructure improvements - Add comprehensive database migrations (001-024) for schema evolution - Enhance API schema with expanded type definitions and resolvers - Add new middleware: audit logging, rate limiting, MFA enforcement, security, tenant auth - Implement new services: AI optimization, billing, blockchain, compliance, marketplace - Add adapter layer for cloud integrations (Cloudflare, Kubernetes, Proxmox, storage) - Update Crossplane provider with enhanced VM management capabilities - Add comprehensive test suite for API endpoints and services - Update frontend components with improved GraphQL subscriptions and real-time updates - Enhance security configurations and headers (CSP, CORS, etc.) - Update documentation and configuration files - Add new CI/CD workflows and validation scripts - Implement design system improvements and UI enhancements 2025-12-12 18:01:35 -08:00			`# Network Infrastructure Management`

			`Comprehensive management tools for network infrastructure including switches, routers, VLANs, and network topology.`

			`## Overview`

			`This directory contains management components for network infrastructure across Sankofa Phoenix sites, including:`

			`- Switches: Configuration management for network switches`
			`- Routers: Router configuration and routing protocol management`
			`- VLANs: VLAN configuration and tracking`
			`- Topology: Network topology discovery and visualization`

			`## Components`

			### Switches (`switches/`)

			`Switch management tools for:`
			`- VLAN configuration`
			`- Port configuration`
			`- Trunk/LAG setup`
			`- STP configuration`
			`- Port security`
			`- SNMP monitoring`

			### Routers (`routers/`)

			`Router management tools for:`
			`- Routing table management`
			`- BGP/OSPF configuration`
			`- Firewall rules`
			`- NAT configuration`
			`- VPN tunnels`
			`- Interface configuration`

			### VLANs (`vlans/`)

			`VLAN management for:`
			`- VLAN creation and deletion`
			`- VLAN assignment to ports`
			`- VLAN trunking`
			`- Inter-VLAN routing`
			`- VLAN tracking across sites`

			`## Usage`

			`### Switch Configuration`

			```bash
			`# Configure switch VLAN`
			`./switches/configure-vlan.sh \`
			`--switch switch-01 \`
			`--vlan 100 \`
			`--name "Employee-Network" \`
			`--ports "1-24"`

			`# Configure trunk port`
			`./switches/configure-trunk.sh \`
			`--switch switch-01 \`
			`--port 25 \`
			`--vlans "100,200,300"`
			```

			`### Router Configuration`

			```bash
			`# Configure BGP`
			`./routers/configure-bgp.sh \`
			`--router router-01 \`
			`--asn 65001 \`
			`--neighbor 10.0.0.1 \`
			`--remote-asn 65000`

			`# Configure OSPF`
			`./routers/configure-ospf.sh \`
			`--router router-01 \`
			`--area 0 \`
			`--network 10.1.0.0/24`
			```

			`### VLAN Management`

			```bash
			`# Create VLAN`
			`./vlans/create-vlan.sh \`
			`--vlan 100 \`
			`--name "Employee-Network" \`
			`--description "Employee network segment"`

			`# Assign VLAN to switch port`
			`./vlans/assign-vlan.sh \`
			`--switch switch-01 \`
			`--port 10 \`
			`--vlan 100`
			```

			`## Network Topology`

			`### Discovery`

			```bash
			`# Discover network topology`
			`./discover-topology.sh --site us-east-1`

			`# Export topology`
			`./export-topology.sh --format graphviz --output topology.dot`
			```

			`### Visualization`

			`Network topology can be visualized using:`
			`- Graphviz`
			`- D3.js`
			`- React Flow (in Portal)`

			`## Integration with Omada`

			`Network management integrates with TP-Link Omada for:`
			`- Unified network policy management`
			`- Centralized VLAN configuration`
			`- Network analytics`

			`See [Omada Management](../omada/README.md) for details.`

			`## Configuration`

			`### Switch Configuration`

			```yaml
			`switches:`
			`- name: switch-01`
			`model: TP-Link T1600G`
			`ip: 10.1.0.1`
			`vlans:`
			`- id: 100`
			`name: Employee-Network`
			`ports: [1-24]`
			`- id: 200`
			`name: Guest-Network`
			`ports: [25-48]`
			`trunks:`
			`- port: 49`
			`vlans: [100, 200, 300]`
			```

			`### Router Configuration`

			```yaml
			`routers:`
			`- name: router-01`
			`model: TP-Link ER7206`
			`ip: 10.1.0.254`
			`bgp:`
			`asn: 65001`
			`neighbors:`
			`- ip: 10.0.0.1`
			`asn: 65000`
			`ospf:`
			`area: 0`
			`networks:`
			`- 10.1.0.0/24`
			`- 10.2.0.0/24`
			```

			`### VLAN Configuration`

			```yaml
			`vlans:`
			`- id: 100`
			`name: Employee-Network`
			`description: Employee network segment`
			`subnet: 10.1.100.0/24`
			`gateway: 10.1.100.1`
			`dhcp: true`
			`switches:`
			`- switch-01: [1-24]`
			`- switch-02: [1-24]`

			`- id: 200`
			`name: Guest-Network`
			`description: Guest network segment`
			`subnet: 10.1.200.0/24`
			`gateway: 10.1.200.1`
			`dhcp: true`
			`isolation: true`
			```

			`## Monitoring`

			`Network monitoring includes:`
			`- SNMP monitoring for switches and routers`
			`- Flow monitoring (NetFlow/sFlow)`
			`- Network performance metrics`
			`- Topology change detection`

			`See [Monitoring](../monitoring/README.md) for details.`

			`## Security`

			`- Network segmentation via VLANs`
			`- Port security on switches`
			`- Firewall rules on routers`
			`- Network access control`
			`- Regular security audits`

			`## Troubleshooting`

			`### Common Issues`

			`Switch connectivity:`
			```bash
			`./switches/test-connectivity.sh --switch switch-01`
			```

			`VLAN issues:`
			```bash
			`./vlans/diagnose-vlan.sh --vlan 100`
			```

			`Routing problems:`
			```bash
			`./routers/diagnose-routing.sh --router router-01`
			```

			`## Related Documentation`

			`- [Omada Management](../omada/README.md)`
			`- [System Architecture](../../docs/system_architecture.md)`
			`- [Infrastructure Management](../README.md)`