====== PlayGround ======


{{mermaid>resources:mermaid:netwerk-fysiek.txt}}

===== Mermaid netwerkdiagrammen =====

==== Mijn gecombineerde eerste opzet ====

<mermaid>
flowchart LR
    A[(🌐 Internet)]

    subgraph Meterkast
        B[OpenWRT Router<br/>B]
        C[Domme Switch<br/>C]
        D[Synology DS423+<br/>D]

        BW1((📡 wimi<br/>VLAN 3))
        BW2((📡 wimi-trusted<br/>VLAN 1))

        TV[TV]
        CV[CV-gateway]
        RF[RF-bridge]
    end

    subgraph Zolder
        E[Access Point<br/>E]

        EW1((📡 wimi<br/>VLAN 3))
        EW2((📡 wimi-trusted<br/>VLAN 1))

        PC[PC]
        PRN[Printer]
        DJ[DJ-apparatuur]
    end

    %% Internet
    A --> B

    %% Router bekabeld
    B -- "poort 4<br/>VLAN 3 untagged" --> C
    B -- "poort 1<br/>VLAN 1 untagged" --> D
    B -- "poort 2<br/>VLAN 5 untagged" --> D
    B -- "poort 3<br/>trunk VLAN 1,3" --> E

    %% WiFi router
    B -.-> BW1
    B -.-> BW2

    %% WiFi AP
    E -.-> EW1
    E -.-> EW2

    %% Bedrade eindapparaten – Zolder (via E)
    E -- "VLAN 1" --> PC
    E -- "VLAN 3" --> PRN
    E -- "VLAN 3" --> DJ

    %% Bedrade eindapparaten – Meterkast (via C)
    C -- "VLAN 3" --> TV
    C -- "VLAN 3" --> CV
    C -- "VLAN 3" --> RF

</mermaid>


----
==== Opgedeeld in 3 types ====

=== Netwerk: Fysiek overzicht ===


<mermaid>
flowchart LR
    A[(🌐 Internet)]

    subgraph Meterkast
        B[OpenWRT Router]
        C[Switch]
        D[NAS]
        TV[TV]
        CV[CV-gateway]
        RF[RF-bridge]
    end

    subgraph Zolder
        E[Access Point]
        PC[PC]
        PRN[Printer]
        DJ[DJ-apparatuur]
    end

    A --> B
    B --> C
    B --> D
    B --> E

    C --> TV
    C --> CV
    C --> RF

    E --> PC
    E --> PRN
    E --> DJ
    
</mermaid>

=== Netwerk - logisch ===

<mermaid>
flowchart LR
    FW[OpenWRT Router / Firewall]

    subgraph VLAN1["VLAN 1 – Trusted"]
        PC
        NAS
    end

    subgraph VLAN3["VLAN 3 – IoT"]
        TV
        PRN
        DJ
        CV
        RF
    end

    subgraph VLAN5["VLAN 5 – Servers"]
        SRV[Serverdiensten op NAS]
    end

    VLAN1 --> FW
    VLAN3 --> FW
    VLAN5 --> FW

</mermaid>

=== Netwerk - security zones en flows ===


<mermaid>
flowchart LR
    FW[Firewall<br/>OpenWRT]

    subgraph Trusted["Zone: Trusted (VLAN 1)"]
        PC
        NAS
    end

    subgraph IoT["Zone: IoT (VLAN 3)"]
        TV
        PRN
        DJ
        CV
        RF
    end

    subgraph Servers["Zone: Servers (VLAN 5)"]
        SRV[Docker / Services]
    end

    Trusted --> FW
    IoT --> FW
    Servers --> FW

    %% Allowed flows
    Trusted -->|beheer| Servers
    Trusted -->|print| IoT
    IoT -->|status / API| Servers

</mermaid>


===== versimpeld =====


<mermaid>
flowchart LR
    Internet --> Router

    Router -->|Trusted| Trusted
    Router -->|IoT| IoT
    Router -->|Servers| Servers

    subgraph Trusted["VLAN 1 – Trusted"]
        PC
        NAS
    end

    subgraph IoT["VLAN 3 – IoT"]
        TV
        PRN
        DJ
        CV
        RF
    end

    subgraph Servers["VLAN 5 – Servers"]
        Services
    end

</mermaid>

===== Wifi en radios =====
<mermaid>
flowchart LR
    B[OpenWRT Router]
    E[Access Point]

    BW1((📡 wimi<br/>VLAN 3))
    BW2((📡 wimi-trusted<br/>VLAN 1))

    EW1((📡 wimi<br/>VLAN 3))
    EW2((📡 wimi-trusted<br/>VLAN 1))

    B -.-> BW1
    B -.-> BW2

    E -.-> EW1
    E -.-> EW2

    BW1 -.-> IoT[(IoT clients)]
    EW1 -.-> IoT

    BW2 -.-> Trusted[(Trusted clients)]
    EW2 -.-> Trusted
</mermaid>

2-3 combi
<mermaid>
flowchart TD
    %% VLAN / Subnet structuur
    LAN["LAN VLAN 10\n192.168.10.0/24"]
    DMZ["DMZ VLAN 20\n192.168.20.0/24"]
    IOT["IoT VLAN 30\n192.168.30.0/24"]
    GUEST["Gast VLAN 40\n192.168.40.0/24"]
    INTERNET["Internet"]

    %% Firewalls / Security zones
    FW1["Firewall / Router"]

    %% Logische verbindingen
    LAN --> FW1
    DMZ --> FW1
    IOT --> FW1
    GUEST --> FW1
    FW1 --> INTERNET

    %% Security / allowed flows (gekleurd)
    classDef allowed stroke:#0a0,stroke-width:2px;
    class LAN,DMZ,IOT allowed;

    %% Pijlen voor toegestane communicatie
    LAN -->|Toegestaan| DMZ
    LAN -->|Toegestaan| IOT
    LAN -->|Beperkt| GUEST
    DMZ -->|Beperkt| LAN
    IOT -->|Beperkt| LAN

    %% Optioneel: WiFi als inset
    subgraph WiFi
        AP1["AP1 SSID: Home"]
        AP2["AP2 SSID: IoT"]
        AP1 --> LAN
        AP2 --> IOT
    end

</mermaid>


===== Gecombineerd =====
<mermaid>
flowchart LR
    A["🌐 Internet"]

    subgraph Meterkast
        B["OpenWRT Router B"]
        C["Domme Switch C"]
        D["Synology DS423+ D"]

        BW1["📡 wimi VLAN 3"]
        BW2["📡 wimi-trusted VLAN 1"]

        TV["TV"]
        CV["CV-gateway"]
        RF["RF-bridge"]
    end

    subgraph Zolder
        E["Access Point E"]

        EW1["📡 wimi VLAN 3"]
        EW2["📡 wimi-trusted VLAN 1"]

        PC["PC"]
        PRN["Printer"]
        DJ["DJ-apparatuur"]
    end

    %% Internet
    A --> B

    %% Router bekabeld
    B -- "poort 4: VLAN 3 untagged" --> C
    B -- "poort 1: VLAN 1 untagged" --> D
    B -- "poort 2: VLAN 5 untagged" --> D
    B -- "poort 3: trunk VLAN 1,3" --> E

    %% WiFi router
    B -.-> BW1
    B -.-> BW2

    %% WiFi AP
    E -.-> EW1
    E -.-> EW2

    %% Bedrade eindapparaten – Zolder (via E)
    E --> PC
    E --> PRN
    E --> DJ

    %% Bedrade eindapparaten – Meterkast (via C)
    C --> TV
    C --> CV
    C --> RF
    D --> B

    %% Security flows (alleen labels)
    TV -- "Toegestaan" --> B
    CV -- "Toegestaan" --> B
    RF -- "Toegestaan" --> B
    PC -- "Toegestaan" --> B
    PRN -- "Beperkt" --> B
    DJ -- "Beperkt" --> B
</mermaid>