2026-07-02 20:25:28 +00:00
<svg xmlns= "http://www.w3.org/2000/svg" width= "1600" height= "880" viewBox= "0 0 1600 880" font-family= "system-ui, -apple-system, 'Segoe UI', Roboto, sans-serif" >
2026-07-03 09:15:52 +00:00
<!-- ADR - 0017 rev 3 dCCTV topology (single switch, VLAN - 30 trunk on LAN1).
Colors: reference dataviz palette (light mode). blue #2a78d6 = home LAN ·
violet #4a3aa7 = dCCTV · aqua #1baf7a = dKubernetes ·
yellow #eda100 = dManagementsVms · green #008300 allow · red #e34948 deny -->
2026-07-02 20:25:28 +00:00
<defs >
<marker id= "arrGreen" viewBox= "0 0 10 10" refX= "9" refY= "5" markerWidth= "7" markerHeight= "7" orient= "auto-start-reverse" >
<path d= "M0,0 L10,5 L0,10 z" fill= "#008300" />
</marker>
<marker id= "arrRed" viewBox= "0 0 10 10" refX= "9" refY= "5" markerWidth= "7" markerHeight= "7" orient= "auto-start-reverse" >
<path d= "M0,0 L10,5 L0,10 z" fill= "#e34948" />
</marker>
<marker id= "arrGray" viewBox= "0 0 10 10" refX= "9" refY= "5" markerWidth= "6" markerHeight= "6" orient= "auto-start-reverse" >
<path d= "M0,0 L10,5 L0,10 z" fill= "#52514e" />
</marker>
</defs>
<rect width= "1600" height= "880" fill= "#fcfcfb" />
2026-07-03 09:15:52 +00:00
<text x= "40" y= "42" font-size= "26" font-weight= "700" fill= "#0b0b0b" > ADR-0017 — CCTV segment behind pfSense, VLAN-30 trunk on the LAN1 cable</text>
<text x= "40" y= "66" font-size= "15" fill= "#52514e" > Sofia/Vermont · rev 3 (single switch) 2026-07-02 · dashed = camera-day · the ONLY 802.1Q is the trunk between the switch and eno1</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<!-- camera - > everything else (denied) -->
2026-07-02 20:25:28 +00:00
<path d= "M240,168 C520,104 900,104 1148,140" fill= "none" stroke= "#e34948" stroke-width= "3" marker-end= "url(#arrRed)" />
<g transform= "translate(560,111)" >
<circle r= "11" fill= "#fcfcfb" stroke= "#e34948" stroke-width= "2.5" />
<path d= "M-5,-5 L5,5 M5,-5 L-5,5" stroke= "#e34948" stroke-width= "2.5" />
</g>
<text x= "588" y= "100" font-size= "13.5" font-weight= "700" fill= "#e34948" > DENY · camera → LAN / other segments / internet (default deny on dCCTV)</text>
2026-07-03 09:15:52 +00:00
<!-- GARAGE ENTRANCE -->
2026-07-02 20:25:28 +00:00
<rect x= "40" y= "128" width= "240" height= "180" rx= "10" fill= "#4a3aa7" fill-opacity= "0.06" stroke= "#4a3aa7" stroke-opacity= "0.35" />
<text x= "56" y= "154" font-size= "13" font-weight= "700" fill= "#52514e" letter-spacing= "1" > GARAGE ENTRANCE</text>
<rect x= "64" y= "170" width= "192" height= "112" rx= "8" fill= "#ffffff" stroke= "#4a3aa7" stroke-width= "2" />
<text x= "80" y= "196" font-size= "15" font-weight= "700" fill= "#0b0b0b" > vermont-garage</text>
<text x= "80" y= "216" font-size= "12.5" fill= "#52514e" > HiLook IPC-T241H-C · pure IR</text>
<text x= "80" y= "234" font-size= "12.5" fill= "#52514e" > 10.0.30.70 (Kea reservation)</text>
<text x= "80" y= "252" font-size= "12.5" fill= "#52514e" > DNS: garage-cam.viktorbarzin.lan</text>
<text x= "80" y= "270" font-size= "12.5" fill= "#52514e" > PoE from switch · cloud/P2P off</text>
2026-07-03 09:15:52 +00:00
<path d= "M256,284 C330,330 412,368 417,430" fill= "none" stroke= "#52514e" stroke-width= "2" stroke-dasharray= "6,5" marker-end= "url(#arrGray)" />
<text x= "330" y= "322" font-size= "12" fill= "#52514e" > cat6 in conduit · PoE → P4</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<!-- RACK zone: single switch -->
2026-07-03 08:37:15 +00:00
<rect x= "40" y= "360" width= "560" height= "265" rx= "10" fill= "#0b0b0b" fill-opacity= "0.03" stroke= "#b9b8b2" />
2026-07-03 09:15:52 +00:00
<text x= "56" y= "384" font-size= "13" font-weight= "700" fill= "#52514e" letter-spacing= "1" > RACK — GARAGE · ONE SWITCH</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<rect x= "64" y= "396" width= "512" height= "176" rx= "8" fill= "#4a3aa7" fill-opacity= "0.04" stroke= "#4a3aa7" stroke-width= "2" />
<text x= "80" y= "420" font-size= "15" font-weight= "700" fill= "#0b0b0b" > TL-SG105PE <tspan font-size= "12.5" font-weight= "400" fill= "#52514e" > replaces the SG105E · mgmt 192.168.1.6 (Kea) · all 5 ports used</tspan> </text>
2026-07-03 08:37:15 +00:00
<g font-size= "11.5" text-anchor= "middle" >
2026-07-03 09:15:52 +00:00
<rect x= "80" y= "436" width= "88" height= "56" rx= "6" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#2a78d6" />
<text x= "124" y= "454" font-weight= "700" fill= "#0b0b0b" > P1 · V1</text>
<text x= "124" y= "470" fill= "#52514e" > apartment</text>
<text x= "124" y= "484" fill= "#52514e" > uplink</text>
<rect x= "178" y= "436" width= "88" height= "56" rx= "6" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#2a78d6" />
<text x= "222" y= "454" font-weight= "700" fill= "#0b0b0b" > P2 · V1</text>
<text x= "222" y= "470" fill= "#52514e" > 4G router</text>
<text x= "222" y= "484" fill= "#52514e" > 192.168.1.7</text>
<rect x= "276" y= "436" width= "88" height= "56" rx= "6" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#2a78d6" />
<text x= "320" y= "454" font-weight= "700" fill= "#0b0b0b" > P3 · V1</text>
<text x= "320" y= "470" fill= "#52514e" > UPS mgmt</text>
<rect x= "374" y= "436" width= "88" height= "56" rx= "6" fill= "#4a3aa7" fill-opacity= "0.12" stroke= "#4a3aa7" stroke-width= "2" />
<text x= "418" y= "454" font-weight= "700" fill= "#0b0b0b" > P4 · V30</text>
<text x= "418" y= "470" fill= "#52514e" > camera</text>
<text x= "418" y= "484" fill= "#52514e" > PoE ON</text>
<rect x= "472" y= "436" width= "88" height= "56" rx= "6" fill= "#2a78d6" fill-opacity= "0.10" stroke= "#4a3aa7" stroke-width= "2" stroke-dasharray= "0" />
<text x= "516" y= "454" font-weight= "700" fill= "#0b0b0b" > P5 · trunk</text>
<text x= "516" y= "470" fill= "#52514e" > V1 untagged</text>
<text x= "516" y= "484" fill= "#4a3aa7" > + V30 tagged</text>
2026-07-03 08:37:15 +00:00
</g>
2026-07-03 09:15:52 +00:00
<text x= "80" y= "516" font-size= "12" fill= "#52514e" > 802.1Q: VLAN 1 untagged {P1,P2,P3,P5} · VLAN 30 {P4 untagged/PVID 30, P5 tagged}</text>
<text x= "80" y= "534" font-size= "12" fill= "#52514e" > tag-30 ingress on P1/P2/P3 is dropped (not members) — the trunk is the only tagged path</text>
<text x= "80" y= "558" font-size= "12" fill= "#8a8984" > old TL-SG105E → retired, cold spare · backup-WAN (4G) + UPS keep their ports</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<!-- trunk: two parallel lines to eno1 -->
<path d= "M560,458 C630,458 640,428 692,420" fill= "none" stroke= "#2a78d6" stroke-width= "2.5" />
<path d= "M560,466 C632,466 644,436 692,428" fill= "none" stroke= "#4a3aa7" stroke-width= "2.5" />
<text x= "588" y= "404" font-size= "12" font-weight= "700" fill= "#0b0b0b" > LAN1 cable</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<!-- R730 / PVE zone -->
2026-07-02 20:25:28 +00:00
<rect x= "680" y= "330" width= "880" height= "440" rx= "10" fill= "#0b0b0b" fill-opacity= "0.03" stroke= "#b9b8b2" />
<text x= "696" y= "356" font-size= "13" font-weight= "700" fill= "#52514e" letter-spacing= "1" > DELL R730 — PVE HOST 192.168.1.127 (IN THE RACK)</text>
<g font-size= "12" >
2026-07-03 09:15:52 +00:00
<rect x= "700" y= "400" width= "150" height= "46" rx= "6" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#4a3aa7" stroke-width= "2" />
2026-07-02 20:25:28 +00:00
<text x= "712" y= "419" font-weight= "700" fill= "#0b0b0b" > eno1 → vmbr0</text>
2026-07-03 09:15:52 +00:00
<text x= "712" y= "436" fill= "#52514e" > untag V1 + tag 30</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<rect x= "700" y= "471" width= "150" height= "46" rx= "6" fill= "#ffffff" stroke= "#8a8984" stroke-dasharray= "4,3" />
<text x= "712" y= "490" font-weight= "700" fill= "#52514e" > eno2 → vmbr2</text>
<text x= "712" y= "507" fill= "#8a8984" > dormant fallback leg</text>
2026-07-02 20:25:28 +00:00
<rect x= "700" y= "542" width= "150" height= "46" rx= "6" fill= "#0b0b0b" fill-opacity= "0.04" stroke= "#8a8984" />
<text x= "712" y= "561" font-weight= "700" fill= "#0b0b0b" > vmbr1</text>
<text x= "712" y= "578" fill= "#52514e" > internal · tags 10/20</text>
</g>
<!-- pfSense VM -->
<rect x= "890" y= "388" width= "300" height= "230" rx= "8" fill= "#ffffff" stroke= "#8a8984" />
<text x= "906" y= "414" font-size= "15" font-weight= "700" fill= "#0b0b0b" > pfSense (VM 101)</text>
<text x= "906" y= "432" font-size= "12" fill= "#52514e" > gateway + firewall for every segment</text>
<g font-size= "12" >
<rect x= "906" y= "444" width= "268" height= "34" rx= "5" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#2a78d6" />
2026-07-03 09:15:52 +00:00
<text x= "916" y= "465" fill= "#0b0b0b" > net0 · WAN <tspan fill= "#52514e" > 192.168.1.2 · vmbr0 untagged</tspan> </text>
2026-07-02 20:25:28 +00:00
<rect x= "906" y= "484" width= "268" height= "34" rx= "5" fill= "#eda100" fill-opacity= "0.14" stroke= "#eda100" />
<text x= "916" y= "505" fill= "#0b0b0b" > net1 · dManagementsVms <tspan fill= "#52514e" > 10.0.10.1</tspan> </text>
<rect x= "906" y= "524" width= "268" height= "34" rx= "5" fill= "#1baf7a" fill-opacity= "0.12" stroke= "#1baf7a" />
<text x= "916" y= "545" fill= "#0b0b0b" > net2 · dKubernetes <tspan fill= "#52514e" > 10.0.20.1</tspan> </text>
<rect x= "906" y= "564" width= "268" height= "34" rx= "5" fill= "#4a3aa7" fill-opacity= "0.12" stroke= "#4a3aa7" stroke-width= "2" />
2026-07-03 09:15:52 +00:00
<text x= "916" y= "585" fill= "#0b0b0b" > net3 · dCCTV <tspan fill= "#52514e" > 10.0.30.1/24 · vmbr0 tag 30</tspan> </text>
2026-07-02 20:25:28 +00:00
</g>
2026-07-03 09:15:52 +00:00
<path d= "M850,415 L890,458" fill= "none" stroke= "#2a78d6" stroke-width= "1.6" opacity= "0.6" />
<path d= "M850,430 L890,581" fill= "none" stroke= "#4a3aa7" stroke-width= "2" />
2026-07-02 20:25:28 +00:00
<path d= "M850,565 L890,501" fill= "none" stroke= "#8a8984" stroke-width= "1.6" opacity= "0.6" />
<path d= "M850,565 L890,541" fill= "none" stroke= "#8a8984" stroke-width= "1.6" opacity= "0.6" />
<!-- k8s VMs -->
<rect x= "1240" y= "388" width= "290" height= "230" rx= "8" fill= "#1baf7a" fill-opacity= "0.07" stroke= "#1baf7a" />
<text x= "1256" y= "414" font-size= "15" font-weight= "700" fill= "#0b0b0b" > k8s VMs · 10.0.20.0/24</text>
<text x= "1256" y= "434" font-size= "12.5" fill= "#52514e" > vmbr1 tag 20 · pod egress SNATs</text>
<text x= "1256" y= "450" font-size= "12.5" fill= "#52514e" > to node IPs</text>
<rect x= "1256" y= "464" width= "258" height= "66" rx= "6" fill= "#ffffff" stroke= "#1baf7a" />
<text x= "1268" y= "486" font-size= "13.5" font-weight= "700" fill= "#0b0b0b" > Frigate · k8s-node1 (T4)</text>
<text x= "1268" y= "504" font-size= "12" fill= "#52514e" > detect sub / record main</text>
<text x= "1268" y= "520" font-size= "12" fill= "#52514e" > gpumem budget 2300 MiB</text>
<rect x= "1256" y= "540" width= "258" height= "52" rx= "6" fill= "#ffffff" stroke= "#1baf7a" />
<text x= "1268" y= "562" font-size= "13.5" font-weight= "700" fill= "#0b0b0b" > go2rtc LB 10.0.20.204</text>
<text x= "1268" y= "580" font-size= "12" fill= "#52514e" > restream → HA live view (MSE/HLS)</text>
2026-07-03 09:15:52 +00:00
<!-- HOME LAN zone -->
2026-07-02 20:25:28 +00:00
<rect x= "1148" y= "128" width= "412" height= "180" rx= "10" fill= "#2a78d6" fill-opacity= "0.06" stroke= "#2a78d6" stroke-opacity= "0.4" />
2026-07-03 08:37:15 +00:00
<text x= "1164" y= "154" font-size= "13" font-weight= "700" fill= "#52514e" letter-spacing= "1" > HOME LAN 192.168.1.0/24</text>
2026-07-02 20:25:28 +00:00
<rect x= "1164" y= "168" width= "180" height= "56" rx= "6" fill= "#ffffff" stroke= "#2a78d6" />
<text x= "1176" y= "190" font-size= "13.5" font-weight= "700" fill= "#0b0b0b" > AX6000 · .1</text>
<text x= "1176" y= "208" font-size= "11.5" fill= "#52514e" > + route 10.0.30.0/24 → .2</text>
<rect x= "1164" y= "236" width= "180" height= "52" rx= "6" fill= "#ffffff" stroke= "#2a78d6" />
<text x= "1176" y= "258" font-size= "13.5" font-weight= "700" fill= "#0b0b0b" > ha-sofia · .8</text>
<text x= "1176" y= "275" font-size= "11.5" fill= "#52514e" > Frigate card + hikvision_next</text>
<rect x= "1360" y= "168" width= "184" height= "56" rx= "6" fill= "#ffffff" stroke= "#2a78d6" />
2026-07-03 08:37:15 +00:00
<text x= "1372" y= "190" font-size= "13.5" font-weight= "700" fill= "#0b0b0b" > apartment clients</text>
<text x= "1372" y= "208" font-size= "11.5" fill= "#52514e" > laptops, phones</text>
2026-07-02 20:25:28 +00:00
<rect x= "1360" y= "236" width= "184" height= "52" rx= "6" fill= "#ffffff" stroke= "#52514e" stroke-dasharray= "5,4" />
<text x= "1372" y= "256" font-size= "11.5" font-weight= "700" fill= "#52514e" > CAMERA DAY: static route</text>
<text x= "1372" y= "272" font-size= "11.5" fill= "#52514e" > 10.0.30.0/24 via 192.168.1.2</text>
<path d= "M1254,308 C1150,352 950,372 790,400" fill= "none" stroke= "#2a78d6" stroke-width= "2" opacity= "0.6" />
2026-07-03 09:15:52 +00:00
<text x= "1010" y= "374" font-size= "12" fill= "#2a78d6" > apartment uplink · switch P1 · trunk · eno1</text>
2026-07-02 20:25:28 +00:00
2026-07-03 09:15:52 +00:00
<!-- FLOWS -->
2026-07-03 08:37:15 +00:00
<path d= "M1256,497 C1010,690 330,730 120,650 C40,618 40,380 96,286" fill= "none" stroke= "#008300" stroke-width= "3" marker-end= "url(#arrGreen)" />
<text x= "620" y= "700" font-size= "13.5" font-weight= "700" fill= "#008300" > ALLOW · Frigate → camera RTSP :554 (routed k8s → dCCTV; opt1 allow-all)</text>
2026-07-02 20:25:28 +00:00
<path d= "M1164,262 C820,282 470,268 302,176 C286,167 278,166 270,172" fill= "none" stroke= "#008300" stroke-width= "3" marker-end= "url(#arrGreen)" />
<text x= "484" y= "216" font-size= "13.5" font-weight= "700" fill= "#008300" > ALLOW · ha-sofia → camera :80 ISAPI + :554</text>
<text x= "484" y= "234" font-size= "12" fill= "#52514e" > enters pfSense WAN · reply-to off · needs the AX6000 route</text>
<path d= "M280,232 C660,200 860,320 936,386" fill= "none" stroke= "#008300" stroke-width= "2" opacity= "0.85" marker-end= "url(#arrGreen)" />
<text x= "740" y= "322" font-size= "12.5" font-weight= "700" fill= "#008300" > ALLOW · camera → 10.0.30.1:123 (NTP)</text>
2026-07-03 09:15:52 +00:00
<!-- LEGEND -->
2026-07-02 20:25:28 +00:00
<g transform= "translate(40,800)" font-size= "12.5" >
<rect x= "0" y= "0" width= "18" height= "18" rx= "4" fill= "#2a78d6" fill-opacity= "0.12" stroke= "#2a78d6" />
2026-07-03 09:15:52 +00:00
<text x= "26" y= "14" fill= "#0b0b0b" > home LAN / VLAN 1</text>
<rect x= "200" y= "0" width= "18" height= "18" rx= "4" fill= "#4a3aa7" fill-opacity= "0.12" stroke= "#4a3aa7" stroke-width= "2" />
<text x= "226" y= "14" fill= "#0b0b0b" > CCTV / VLAN 30 / dCCTV 10.0.30.0/24</text>
<rect x= "500" y= "0" width= "18" height= "18" rx= "4" fill= "#1baf7a" fill-opacity= "0.12" stroke= "#1baf7a" />
<text x= "526" y= "14" fill= "#0b0b0b" > dKubernetes</text>
<rect x= "640" y= "0" width= "18" height= "18" rx= "4" fill= "#eda100" fill-opacity= "0.14" stroke= "#eda100" />
<text x= "666" y= "14" fill= "#0b0b0b" > dManagementsVms</text>
<line x1= "820" y1= "9" x2= "860" y2= "9" stroke= "#008300" stroke-width= "3" marker-end= "url(#arrGreen)" />
<text x= "870" y= "14" fill= "#0b0b0b" > allowed flow</text>
<line x1= "980" y1= "9" x2= "1020" y2= "9" stroke= "#e34948" stroke-width= "3" marker-end= "url(#arrRed)" />
<text x= "1030" y= "14" fill= "#0b0b0b" > denied</text>
<line x1= "1100" y1= "9" x2= "1140" y2= "9" stroke= "#52514e" stroke-width= "2" stroke-dasharray= "6,5" />
<text x= "1150" y= "14" fill= "#0b0b0b" > camera-day step</text>
<text x= "1320" y= "14" fill= "#52514e" > ADR-0017 · rev 3</text>
2026-07-02 20:25:28 +00:00
</g>
</svg>