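#!/bin/bash
# Verify VLAN Plan Utilization - Check current VLAN configuration and readiness
# Usage: ./scripts/unifi/verify-vlan-utilization.sh
#
# Optional environment overrides:
#   NETWORK_GATEWAY      Gateway to ping (default: 192.168.11.1)
#   NETWORK_INTERFACE    Local interface to report (default: eth0)
#   SSH_HOST_KEY_POLICY  Value for ssh StrictHostKeyChecking (default: accept-new)
#
# Exit status: 1 if the gateway is unreachable or required host variables are
# missing; 0 otherwise. Failed host checks are reported as warnings and in the
# summary, but do not change the exit status.
set -euo pipefail

# Load IP configuration.
# The config file is sourced, i.e. executed as shell code with this script's
# privileges, so it must be writable only by trusted users.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
CONFIG_FILE="${PROJECT_ROOT}/config/ip-addresses.conf"
if [[ -r "$CONFIG_FILE" ]]; then
  # Best effort, as before: a failing config does not abort the script here.
  # shellcheck source=/dev/null
  source "$CONFIG_FILE" || echo "⚠️ Errors while loading $CONFIG_FILE" >&2
else
  echo "⚠️ Config file not found or unreadable: $CONFIG_FILE" >&2
fi

GATEWAY="${NETWORK_GATEWAY:-192.168.11.1}"
IFACE="${NETWORK_INTERFACE:-eth0}"

# StrictHostKeyChecking=no would let the root SSH sessions below connect to a
# host whose key has CHANGED, which makes the checks spoofable by anyone who can
# intercept the connection. accept-new still enrols first-seen hosts
# automatically but refuses a changed key. Set SSH_HOST_KEY_POLICY=yes once
# known_hosts is pre-populated.
SSH_HOST_KEY_POLICY="${SSH_HOST_KEY_POLICY:-accept-new}"

#######################################
# Run a fixed, read-only command on a Proxmox host as root over SSH.
# Arguments: $1 - host/IP, $2 - remote command (must be a constant string;
#            never interpolate config or user data into it)
# Outputs:   remote stdout; stderr is suppressed
# Returns:   ssh's exit status (255 on connection/host-key failure)
#######################################
remote_check() {
  local host=$1
  local remote_cmd=$2
  ssh -o ConnectTimeout=5 \
    -o StrictHostKeyChecking="$SSH_HOST_KEY_POLICY" \
    "root@${host}" "$remote_cmd" 2>/dev/null
}

# Print a pass/warn marker for a true/false flag.
status_mark() {
  if [[ "$1" == true ]]; then
    printf '✅'
  else
    printf '⚠️'
  fi
}

echo "🔍 VLAN Plan Utilization Verification"
echo ""

# Check current network.
# Under pipefail a missing interface or an interface without IPv4 would abort
# the script silently, so failures here degrade to "unknown" instead.
CURRENT_IP=$(ip -4 addr show "$IFACE" 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1) || CURRENT_IP=""
DEFAULT_GW=$(ip route show default 2>/dev/null | awk '{print $3; exit}') || DEFAULT_GW=""
echo "📋 Current Network Configuration:"
echo " IP Address: ${CURRENT_IP:-unknown (no IPv4 address on $IFACE)}"
echo " Gateway: ${DEFAULT_GW:-unknown}"
echo ""

# Check UDM Pro connectivity ("--" stops a config value being read as an option)
echo "🔍 Testing UDM Pro Connectivity..."
if ping -c 1 -W 2 -- "$GATEWAY" >/dev/null 2>&1; then
  echo " ✅ UDM Pro gateway ($GATEWAY) is reachable"
else
  echo " ❌ UDM Pro gateway is not reachable"
  exit 1
fi

# Check Proxmox hosts
echo ""
echo "🔍 Testing Proxmox Host Connectivity..."

# Fail with a clear message instead of a bare "unbound variable" error when the
# config file did not define the host addresses.
: "${PROXMOX_HOST_ML110:?not set - expected in ${CONFIG_FILE}}"
: "${PROXMOX_HOST_R630_01:?not set - expected in ${CONFIG_FILE}}"
: "${PROXMOX_HOST_R630_02:?not set - expected in ${CONFIG_FILE}}"

PROXMOX_HOSTS=(
  "ml110:${PROXMOX_HOST_ML110}"
  "r630-01:${PROXMOX_HOST_R630_01}"
  "r630-02:${PROXMOX_HOST_R630_02}"
)

ALL_ACCESSIBLE=true
for host_entry in "${PROXMOX_HOSTS[@]}"; do
  name=${host_entry%%:*}
  ip=${host_entry#*:}
  if ping -c 1 -W 2 -- "$ip" >/dev/null 2>&1; then
    echo " ✅ $name ($ip) is reachable"
  else
    echo " ❌ $name ($ip) is not reachable"
    ALL_ACCESSIBLE=false
  fi
done

if [[ "$ALL_ACCESSIBLE" == false ]]; then
  echo " ⚠️ Some Proxmox hosts are not accessible"
fi

# Check Proxmox VLAN support
echo ""
echo "🔍 Checking Proxmox VLAN Support..."
ALL_VLAN_AWARE=true
for host_entry in "${PROXMOX_HOSTS[@]}"; do
  name=${host_entry%%:*}
  ip=${host_entry#*:}
  echo " Checking $name..."

  # Check VLAN-aware bridge. "ip -d" adds the bridge details, where the kernel
  # reports VLAN filtering as "vlan_filtering 1"; the original 'vlan-aware'
  # pattern is kept so anything it matched still matches.
  # An SSH failure must not abort the script (set -e) or be mistaken for "no".
  if ! VLAN_AWARE=$(remote_check "$ip" \
    "ip -d link show vmbr0 2>/dev/null | grep -Eq 'vlan-aware|vlan_filtering 1' && echo 'yes' || echo 'no'"); then
    VLAN_AWARE="unknown"
  fi

  case "$VLAN_AWARE" in
    yes)
      echo " ✅ VLAN-aware bridge (vmbr0) configured"
      ;;
    no)
      echo " ⚠️ VLAN-aware bridge not detected (may need configuration)"
      ALL_VLAN_AWARE=false
      ;;
    *)
      echo " ⚠️ Could not query $name over SSH (connection, authentication or host-key failure)"
      ALL_VLAN_AWARE=false
      ;;
  esac
done

# Check firewall rules
# This only confirms that the CIDR string appears in the file; it does not
# prove that the rule is enabled or what action it takes.
# NOTE(review): confirm /etc/pve/firewall/host.fw is where this deployment
# keeps its host rules.
echo ""
echo "🔍 Checking Firewall Rules..."
ALL_FW_RULES=true
for host_entry in "${PROXMOX_HOSTS[@]}"; do
  name=${host_entry%%:*}
  ip=${host_entry#*:}
  echo " Checking $name firewall..."

  # -F: match the CIDR literally rather than treating "." as a regex wildcard.
  if ! HAS_RULE=$(remote_check "$ip" \
    "grep -qF '192.168.0.0/24' /etc/pve/firewall/host.fw 2>/dev/null && echo 'yes' || echo 'no'"); then
    HAS_RULE="unknown"
  fi

  case "$HAS_RULE" in
    yes)
      echo " ✅ Firewall rule for Default network exists"
      ;;
    no)
      echo " ⚠️ Firewall rule for Default network not found"
      ALL_FW_RULES=false
      ;;
    *)
      echo " ⚠️ Could not query $name over SSH (connection, authentication or host-key failure)"
      ALL_FW_RULES=false
      ;;
  esac
done

# Summary: report what was actually observed. Items this script never tests
# are labelled as such instead of being printed as passed.
echo ""
echo "📊 VLAN Plan Utilization Status:"
echo ""
echo "Prerequisites:"
echo " • ✅ UDM Pro gateway ($GATEWAY) reachable"
echo " • $(status_mark "$ALL_ACCESSIBLE") Proxmox hosts accessible"
echo " • $(status_mark "$ALL_VLAN_AWARE") VLAN-aware bridge (vmbr0) on all hosts"
echo " • $(status_mark "$ALL_FW_RULES") Firewall rules configured"
echo " • VLAN 11 (MGMT-LAN) configured and operational (not verified by this script)"
echo " • Inter-VLAN routing enabled (not verified by this script)"
echo ""
echo "⏳ Next Steps:"
echo " 1. Create additional VLANs (110-203) via UDM Pro web UI"
echo " 2. Configure firewall rules for inter-VLAN communication"
echo " 3. Assign VMs/containers to appropriate VLANs"
echo " 4. Test and verify VLAN utilization"
echo ""
echo "📁 Documentation:"
echo " • docs/04-configuration/UDM_PRO_VLAN_PLAN_UTILIZATION.md"
echo " • docs/02-architecture/NETWORK_ARCHITECTURE.md"
echo ""
if [[ "$ALL_ACCESSIBLE" == true && "$ALL_VLAN_AWARE" == true && "$ALL_FW_RULES" == true ]]; then
  echo "✅ Ready to utilize VLAN plan!"
else
  echo "⚠️ Not ready: resolve the warnings above before utilizing the VLAN plan"
fi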