Merge branch 'master' of git.dn42:wiki/wiki

+### Can I use Windows to clone and update the registry ?

+

+No. The registry includes IPv6 resources but NTFS does not support having a `:` in filenames.

+

+A simple workaround is to use a non-Windows VM to do your changes.

+dn42 is a big dynamic [VPN](http://en.wikipedia.org/wiki/Virtual_private_network), which employs Internet technologies ([BGP](http://en.wikipedia.org/wiki/Bgp), whois database, [DNS](http://en.wikipedia.org/wiki/Domain_Name_System), etc). Participants connect to each other using network tunnels ([GRE](/howto/GRE-on-FreeBSD), [OpenVPN](/howto/openvpn), [Tinc](/howto/tinc), [IPsec](/howto/IPsec-with-PublicKeys)) and exchange routes thanks to the Border Gateway Protocol. Network addresses are assigned in the `172.20.0.0/14` range and private AS numbers are used (see [registry](/services/Whois)) as well as IPv6 addresses from the ULA-Range (`fd00::/8`) - see [FAQ](/FAQ#frequently-asked-questions_what-about-ipv6-in-dn42).

+A number of services are provided on the network: see [internal](/internal/Internal-Services) (only available from within dn42). Also, dn42 is interconnected with other networks, such as [ChaosVPN](http://wiki.hamburg.ccc.de/ChaosVPN) or some [Freifunk](http://en.wikipedia.org/wiki/Freifunk) networks.

+* [Breizh-Entropy](http://wiki.breizh-entropy.org/wiki/DN42)

+This wiki is the main reference about dn42. It is available in read-only mode from the Internet [here](https://wiki.dn42.us) or [here](https://dn42.dev) or [here](https://dn42.tk) or [here](https://dn42.eu), [tor](http://jsptropkiix3ki5u.onion) and [i2p](http://beb6v2i4jevo72vvnx6segsk4zv3pu3prbwcfuta3bzrcv7boy2q.b32.i2p/) and for editing from within dn42, at [https://wiki.dn42](https://wiki.dn42) - [https](services/Certificate-Authority) required for editing.

+ * [[GRE on OpenBSD|howto/GRE-on-OpenBSD]]

+ * [[IPv6 Multicast (PIM-SM)|howto/IPv6-Multicast]]

+ * [[Route Collector|services/Route-Collector]]

+ * [dn42.eu](https://dn42.eu) maintained by Nurtic-vibe

+ * [dn42.tk](https://dn42.tk) maintained by Androw

+The `extra/bird` package in the arch repositories will usually have a relatively recent version and there is (usually) no need for a manual install over the usual `# pacman -S bird`.

+# Point-to-Point Layer 3 GRE tunnel interface

+This guide describes how to establish an unencrypted and unauthenticated IPv6-over-IPv6 tunnel on [OpenBSD](https://openbsd.org), see [gre(4) EXAMPLES](http://man.openbsd.org/gre.4#Point-to-Point_Layer_3_GRE_tunnel_interfaces_(gre)_example) for similar setups.

+

+

+# Configuration

+Let *A* be the local OpenBSD host and *D* the remote peer, assume public DNS names and IPv6 reachability.

+

+Let `fd42::` and `fd42::1` be the IPs of *A* and *D* respectively where both are allocated as `/127` subnet from one of the peer's DN42 prefix.

+

+## pseudo interface

+Populate [`/etc/hostname.gre0`](https://man.openbsd.org/hostname.if.5) with:

+```

+tunnel A.example.com D.example.net

+inet6 fd42::/127

+```

+This will resolve FQDNs at parse time, set *A*'s and *D*'s IPs as source and destination tunnel address and set *A*'s assigned IP as point-to-point address on the interface.

+

+Replace hostnames in the `tunnel` line with literal IPs if DNS is not available (at system boot).

+

+Reboot or run [`sh /etc/netstart gre0`](https://man.openbsd.org/netstart.8) to bring up the tunnel.

+

+## miscellaneous

+Populate `/etc/sysctl.conf` with:

+```

+net.inet.gre.allow=1

+```

+Reboot or run `sysctl net.inet.gre.allow=1` to allow GRE packet processing.

+

+-

+At this point, `gre0` will be administratively *UP*:

+```

+$ ifconfig gre0

+gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1476

+ index 22 priority 0 llprio 6

+ encap: vnetid none txprio payload rxprio packet

+ groups: gre

+ tunnel: inet6 2001:db8::a --> 2001:db9::d ttl 64 nodf ecn

+ inet6 fe80::221:28ff:fef9:c1d8%gre0 --> prefixlen 64 scopeid 0x16

+ inet6 fd42:: --> prefixlen 127

+```

+

+All traffic destined to `fd42::1/127` will be encapsulated and routed to *D*:

+```

+$ route show

+[...]

+Internet6:

+Destination Gateway Flags Refs Use Mtu Prio Iface

+fd42::/127 fd42:: UCn 1 0 - 4 gre0

+fd42:: fd42:: UHl 0 0 - 1 gre0

+fd42::1 link#0 UHc 0 3180 - 3 gre0

+fe80::%gre0/64 fe80::221:28ff:fef9:c1d8%gre0 Un 0 0 - 4 gre0

+fe80::221:28ff:fef9:c1d8%gre0 fe80::221:28ff:fef9:c1d8%gre0 UHl 0 0 - 1 gre0

+ff01::%gre0/32 fe80::221:28ff:fef9:c1d8%gre0 Um 0 1 - 4 gre0

+ff02::%gre0/32 fe80::221:28ff:fef9:c1d8%gre0 Um 0 1 - 4 gre0

+[...]

+```

+```

+$ route -n get fd42::1

+ route to: fd42::1

+destination: fd42::1

+ mask: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff

+ interface: gre0

+ if address: fd42::

+ priority: 3 ()

+ flags: <UP,HOST,DONE,CLONED>

+ use mtu expire

+ 3181 0 0

+```

+

+# Security

+GRE may be protected with IPsec to encrypt and authenticate traffic, [OpenIKED](http://www.openiked.org/) can be used to establish an IKEv2 session between *A* and *D*.

+To register a domain name, create a `dns` object in the data/dns directory.

+Domain names and nserver attributes must be lowercase.

+# IPv6 Multicast

+

+The following guide illustrates how to set up an IPv6 multicast router using [PIM-SM](https://en.wikipedia.org/wiki/Protocol_Independent_Multicast#Sparse_mode) (Protocol Independent Multicast in Sparse Mode) with your own personal multicast prefix.

+

+## Quickstart

+

+* Install pim6sd from here: https://github.com/troglobit/pim6sd/

+ ```sh

+ cd /usr/src

+ git clone https://github.com/troglobit/pim6sd.git

+ cd pim6sd

+ ./autogen.sh

+ ./configure

+ make

+ ```

+* Find a peer who is already connected to the dn42 multicast backbone

+* Calculate your personal, embedded-RP multicast prefix matching your network prefix via [RFC3956](https://tools.ietf.org/html/rfc3956)

+ * Example:

+ * Pattern: `ff7e:<RIID><plen>:<prefix>::/96`

+ * Prefix: `fd00:2001:db8::/48`

+ * Prefix length: `48 == 0x30`

+ * RIID: An arbitrary number between `0x1` and `0xf`, for instance `0x2`

+ * Result:

+ * Multicast prefix: `ff7e:230:fd00:2001:db8::/96`

+ * RP address: ``fd00:2001:db8::<RIID>`` -> ``fd00:2001:db8::2``

+

+* Create a dummy interface to hold your calculated unicast Rendezvous Point address. This one needs to be reachable from within dn42. Also set "multicast on" on this dummy interface. Example:

+

+ ```

+ # /etc/network/interfaces.d/pim6sd

+ auto pim-router-id

+ iface pim-router-id inet manual

+ pre-up ip link add name $IFACE type dummy

+ post-up ip link set multicast on dev $IFACE

+ post-up ip -6 a a fd00:2001:db8::2/128 dev $IFACE

+ post-down ip link del $IFACE

+ ```

+

+* Create the configuration file:

+

+ ```sh

+ # /etc/pim6sd.conf

+ # disable all interfaces by default

+ default_phyint_status disable;

+

+ # enable the pim-router-id interface first to acquire the correct primary address

+ phyint pim-router-id enable;

+

+ # add multicast-capable peer interfaces below

+ phyint dn42-peer1 enable;

+

+ # configure rendezvous point for the personal multicast prefix

+ cand_rp pim-router-id;

+ group_prefix ff7e:230:fd00:2001:db8::/96;

+ ```

+

+ The `phyint` statement enables [PIM](https://tools.ietf.org/html/rfc7761) and [MLD](https://tools.ietf.org/html/rfc2710) on the target interface - by default all interfaces are in the disable state. Enable an interface if it is directed towards a multicast-capable peer or other multicast-capable routers in your autonomous system. Also enable it for downstream network segments with multicast listeners and senders, like for example your home (W)LAN segments.

+

+ With `cand_rp` and `group_prefix` statements you can configure this router as a Rendezvous Point (RP) for your personal multicast group prefix. The address on the interface given as `cand_rp` will be used as the primary address for your RP, it therefore *must* be routable.

+

+---

+

+## Testing & Applications

+

+### Creating a test network namespace

+

+On your router:

+

+```sh

+allow-hotplug pim-ns0

+iface pim-ns0 inet manual

+ pre-up ip link add pim-ns0 type veth peer name pim-ns1

+ post-up ip netns add pim-ns0

+ post-up ip link set addr 02:11:22:00:00:02 netns pim-ns0 name pim-ns0 up dev pim-ns1

+ post-up ip link set addr 02:11:22:00:00:01 up dev pim-ns0

+ post-up ip -6 a a fdd5:69d5:c530:1::1/64 dev pim-ns0

+ post-up ip netns exec pim-ns0 ip -6 a a fdd5:69d5:c530:1::2/64 dev pim-ns0

+ post-up ip netns exec pim-ns0 ip -6 r a default via fdd5:69d5:c530:1::1

+ post-down ip link del pim-ns0

+ post-down ip netns del pim-ns0

+```

+

+You can now switch into this test network namespace via "ip netns exec /bin/bash". Inside this network namespace you can try:

+

+### Creating a test multicast listener

+

+```

+$ socat -u UDP6-RECV:1234,reuseaddr,ipv6-join-group="[ff7e:230:fdd5:69d5:c530::123]:eth0" -

+```

+

+### Creating a test multicast sender

+

+First select which interface should be the default one for your multicast traffic. Then send multicast packets via ICMPv6:

+

+```

+$ ip -6 route add ff7e:230:fdd5:69d5:c530::/96 dev eth0 table local

+$ ping6 -t 16 ff7e:230:fdd5:69d5:c530::123

+```

+

+The "-t 16", a hop-limit of 16, is important here as **by default all multicast traffic is usually send with a hop-limit of just 1**.

+

+---

+

+## Advanced Configurations

+

+

+

+### Nomenclature

+

+#### Bootstrap Router (BSR)

+

+Router that collects multicast group information from all RP in the network and advertises it across the network.

+

+#### Rendezvous Point (RP)

+

+Router where senders and receivers will meet for a certain multicast address. Senders must send their data to it, after which it will be forwarded to receivers. As soon as a receivers DR learns of the sender it will ask their router to forward data along a direct path between sender and receiver.

+

+#### Designated Router (DR)

+

+First-hop router that stand in for sender and receiver on their downstream networks. The senders DR sends their data towards the RP encapsulated in PIM Register packets. The receivers DR will send join and prune messages to the RP, managing the group subscription.

+

+### RFC3306: "Unicast-Prefix-based IPv6 Multicast Addresses"

+

+Before RFC3956 (embedded RP addresses) personal, network prefix based multicast prefixes were calculated via RFC3306. Example:

+

+* Pattern: `ff3e:<plen>:<prefix>::/96`

+ * Prefix: `fd00:2001:db8::/48`

+ * Prefix length: `48 == 0x30`

+ * Result: `ff3e:30:fd00:2001:db8::/96`

+

+* Pros:

+ * More flexible RP address selection

+ * Allows filtering on the BSR

+

+* Cons:

+ * Needs a central BSR for coordination (or static RP configuration)

+ * Allows filtering on the BSR

+

+However you can usually just announce and use both RFC3306 and RFC3956 based multicast prefixes, if you want to. pim6sd allows adding multiple ``group_prefix`` entries.

+

+### Address Management

+

+#### Bootstrap Router

+

+If you want to be participate as a bootstrap router candidate, please read up on how PIM works first. If you join with a bootstrap router candidate add it here below with contact information and join #dn42-multicast on HackInt:

+* <BSR-ADDR1> - [email protected], foo@HackInt

+* <BSR-ADDR2> - ...

+

+#### Shared multicast addresses

+

+Next to personal multicast prefixes generated by network prefix (RFC3306 or RFC3956) there can also be multicast addresses not owned by a specific AS. In general any one can just set up a multicast sender or listener for those. However to work, they need a reliable RP for coordination.

+

+If you want to offer an RP candidate for a shared multicast address, please read up on how PIM works first. If you join with an RP candidate for a shared multicast address add it here below with contact information and join #dn42-multicast on HackInt:

+* <multicast-address1>/128:

+ - <RP-address1> - [email protected], foo@HackInt

+ - <RP-address2> - [email protected], bar@HackInt

+* <multicast-address2>/128:

+ - ...

+

+## Questions?

+

+* Join: ``#dn42-multicast`` on ``HackInt``

+

+---

+

+ToDo:

+* We have a solution for personal multicast prefixes tied to the network prefix of an AS owner. But what to do with multicast addresses that not only have listeners but also senders globally? We could have everyone add an additional "group_prefix ff00::/8" and then multicast router with the lowest address would win and become the central RP for all these addresses... not really scalable, robust or decentral though :-/. Should we use PIM-DM for some of these addresses instead (e.g. ones which generally have a low throughput, for instance Bittorrent Local Peer Discovery)? Or maybe those global addresses should be managed and configured as /128 and people who are interested in managing a specific, global multicast address will coordinate with each other?

+* bootstrap router coordination; according to RFCs a bootstrap router can alter/filter the multicast prefixes it received from candidate RPs. Should a bootstrap router check and filter any multicast prefix that was generated from a network prefix which does not match the network prefix used by the PR?

+<!-- Nurtic-Vibe has another [script](https://git.dn42.us/Nurtic-Vibe/grmml-helper/src/master/create_wg.sh) to interactively automate the peering process. -->

+##ASN Authentication Solution

+Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way.

+More Information in the setup tutorial: https://dn42.g-load.eu/auth/documentation/tutorial.html

+To use the service, please message Kioubit on IRC to have your domain activated.

+ * What is my IP: [ip4.dn42](http://ip4.dn42/), [ip6.dn42](http://ip6.dn42/)

+ * http://wieistmeineip.dn42 provides a service like http://wieistmeineip.de, but for dn42.

+ * You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IPv6 address. It also returns information about your latency, netblock details, and route information.

+ * An alternative is available at https://ip.naive.network, which displays your clearnet and dn42 IP addresses.

+| _Configuring Yacy Network settings:_ |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit) |

+| http://mhm.dn42/search | Hosted by toBee |

+### FTP / HTTP

+

+| Hostname / IP | Space | Speed | Remarks |

+|:----------------------------------------------------------- |:----- |:----------- |:---------------------------------- |

+| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 |

+| http://data.0l.dn42 | 5TB | 1GBit | 24/7/365, download, dn42 MRT dumps |

+

+### Torrent Search Engine

+

+* https://magnetic.dn42 (DHT Search Engine)

+

+**More inspiration is collected [here](/internal/Historical-Services) and [here](/internal/Ideas).**

+ * Network Information Service: [info.nia.dn42](http://info.nia.dn42) (DN42) or [bgp42.strexp.net](https://bgp42.strexp.net) (IANA). Main functions including _network information_, _network map (from map.dn42, require WebGL)_, _network ranking (based on centrality)_, _ROA alerting_ and _path finder_.

+ * Yet Another WIP network map: [map.jerry.dn42](http://map.jerry.dn42/) (via DN42) or [map.meson.cc](https://map.meson.cc) (via clearnet) _(uses GRC shell as source, updated every 24 hours.)_

+ * What is my IP: [whatismyip.dn42](http://whatismyip.dn42/)

+http://ipip.map.dn42/whois?ip=[DN42_IP]&lang=en

+Windows only, no virus scan report available, but our DLL source is provided with the modified client. It's highly recommended to run this tool in a sandbox.

+Preview: http://img.dn42/images/GEOTRACE42.jpg

+### ASN Authentication Solution

+Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way.

+More Information in the setup tutorial: https://dn42.g-load.eu/auth/documentation/tutorial.html

+To use the service, please message Kioubit on IRC to have your domain activated.

+| http://j.munsternet.dn42 | Jellyfin instance with movies and TV shows (test). |

+| Hostname / IP | Remarks |

+|:------------------------------------------------- |:-------------------------------------------------------------- |

+| http://stream.media.dn42/ | icecast-relay, contact toBee for more streams (DOWN 2020-11-02)|

+| https://invidious.doxz.dn42/ | Invidious instance with proxy (Youtube) |

+| http://radio.hex.dn42/ | Ambient musics |

+| ntp.yuetau.dn42 (172.21.68.50) | Anycast on all node |

+| 172.20.34.168 | Minecraft | 1.16.4, Bedrock supported, Abuse may lead to a network-wide ban or peer removal |

+| mc.nia.dn42 (172.20.168.133, fd01:1926:817:3::) | Minecraft | 1.16.4 Mod, Optimized for CN |

+| stk.jerry.dn42:2759, stk.jerry.neo:2759 | SuperTuxKart | latest, IPv4 only |

+| JerryXiao | ssh [email protected] | dn42 and icvpn |looking glass| - |

+### NAT64

+

+Niantic Network (AS4242421331) is providing a NAT64 service at Strategic Explorations (AS207268).

+

+* IPv6 at public Internet: `2a0e:b107:b7f::[DN42 IPv4]`

+

+* IPv4 endpoint at DN42:

+ * `172.20.158.177`: Seattle

+ * `172.20.158.178`: Singapore

+

+* DNS64: `2602:feda:3c9::` or `dns.strexp.net`

+

+DN42 ACME CA

+==================

+

+Certificates can be automatically generated with the [ACME-CA](http://acme.dn42). More information can be found on [acme.dn42](http://acme.dn42/)

+

+|dn42.fi|

+|dn42.tk|

+

+option inet6 # Linux/glibc

+family inet6 inet4 # BSD

+ - Setup your maintainer object according to [Automatic CA](/services/Automatic-CA)

+| 4242420181 | ext: https://lg.dn42.miegl.cz <br> dn42: http://lg.mgl.dn42 | UP |

+| 4242420827 | ext: https://lg.aasg.name <br> dn42: http://lg.lorkep.dn42 <br> Interactive (traceroute, BGP-map) <br> IPv6 only | UP |

+| 4242420925 | dn42: https://lg.yuetau.dn42/ <br> ext: https://lg-dn42.yuetau.net | UP |

+| 4242420977 | ext: https://lg.moerail.ml <br> dn42: http://lg.moerail.dn42 | UP |

+| 4242421055 | dn42: http://lg.tmwawpl.dn42 | UP |

+| 4242421224 | dn42: http://lg.bit.dn42 | UP |

+| 4242421331<br>4242421332<br>207268 | ext: https://lg.strexp.net <br> dn42: http://lg.nia.dn42 | UP |

+| 4242421722 | ext: https://lg42.tchekda.fr <br> dn42: http://lg42.tchekda.dn42/ | UP |

+| 4242421876<br>211876 | ext: https://lg42.fixmix.network<br>dn42: https://lg.fixmix.dn42 | UP |

+| 4242422092 | ext: https://lg.dn42.pebkac.gr <br> dn42: http://lg.pebkac.dn42 <br> IPv4 and IPv6 | UP |

+| 4242422189 | dn42: http://lg.iedon.dn42 | UP |

+| 4242422237 | ext: https://lg.dn42.munsternet.eu | UP |

+| 4242422341 | ext: https://lg.dn42.zotan.network <br> dn42: https://lg.zotan.dn42 | UP |

+| 4242422428 | ext: https://lg.0l.de <br> IPv4 and IPv6 | UP |

+| 4242422547 | ext: https://lg.lantian.pub <br> dn42: http://lg.lantian.dn42 | UP |

+| 4242422633 | dn42: http://lg.eb.dn42/ <br> ext: https://lg.eastbnd.com/ | UP |

+| 4242423315 | ext: http://lg.unknownts.tk <br> dn42: http://unknownts.dn42 | UP |

+| 4242423088 | ext: https://lg.dn42.6700.cc <br> dn42: http://lg.sun.dn42/ | UP |

+| 4242423735 | ext: https://lg.dn42.cperrin.xyz <br> dn42: http://lg.cperrin.dn42 | UP |

+| 4242423905 | ext: https://dn42-svc.weiti.org/ulg/ <br> dn42: https://lg.weiti.dn42/ | UP |

+| 4242420197 | ext: https://lg.n0emis.eu <br> dn42: https://lg.n0emis.dn42 (soon) | UP |

+| 4242421231 | dn42: http://lg.caesia.dn42 <br> ext: https://lg.caesia.net | UP |

+| 4242422016 | ext: https://dn42.sidereal.ca <br> dn42: https://lg.sidereal.dn42 | DOWN |

+| 4242423955 | dn42: http://lg.flo.dn42 | DOWN |

+| 4242423973 | dn42: http://lg.technopoint.dn42 <br> (traceroute, BGP-map) IPv4 only. | DOWN |

+| 4242423993 | ext: https://lg.2f30.org/ <br> IPv4 only. | DOWN |

+# Global Route Collector

+

+The Global Route Collector (GRC) provides a real time view of routing and peering across DN42 and can be used to generate maps, stats or just query how routes are being propagated across the network.

+

+Technically the GRC is a [bird](https://bird.network.cz/) instance that anyone can peer with, it imports all routes whilst exporting none and provides a number of interfaces for querying the route data.

+

+Data from the GRC is used to generate some of the DN42 Maps (see the [[Internal Services|/internal/Internal-Services]] page).

+

+## Peering with the collector

+

+The collector uses the dynamic peering capability in Bird2 to allow anyone to peer with it without any new server side configuration being required. The collector relies on users peering with it across the network so the more peers the better and the more comprehensive the collector data will be.

+

+||Details|

+|:--|:--|

+| ASN | AS4242422602 |

+| Hostname | collector.dn42 |

+| IPv4 Address | 172.20.129.4 |

+| IPv6 Address | fd42:4242:2601:ac12::1 |

+

+### BGP Configuration

+

+ - Unlike normal DN42 peerings, you must enable multihop to peer with the collector

+ - The collector supports Multiprotocol BGP, so you don't need to configure separate IPv4 and IPv6 sessions

+ - Please enable the Add Paths BGP extension to export all available routes

+

+Example bird2 config:

+

+```text

+protocol bgp ROUTE_COLLECTOR

+{

+ local as ***YOUR_ASN***;

+ neighbor fd42:4242:2601:ac12::1 as 4242422602;

+

+ # enable multihop as the collector is not locally connected

+ multihop;

+

+ ipv4 {

+ # export all available paths to the collector

+ add paths tx;

+

+ # import/export filters

+ import none;

+ export filter {

+ # export all valid routes

+ if ( is_valid_network() && source ~ [ RTS_STATIC, RTS_BGP ] )

+ then {

+ accept;

+ }

+ reject;

+ };

+ };

+

+ ipv6 {

+ # export all available paths to the collector

+ add paths tx;

+

+ # import/export filters

+ import none;

+ export filter {

+ # export all valid routes

+ if ( is_valid_network_v6() && source ~ [ RTS_STATIC, RTS_BGP ] )

+ then {

+ accept;

+ }

+ reject;

+ };

+ };

+}

+```

+

+

+## Querying the collector

+

+### Looking Glass

+

+The collector runs a looking glass based on [bird-lg-go](https://github.com/xddxdd/bird-lg-go).

+

+ - [https://lg.collector.dn42/](https://lg.collector.dn42/)

+

+### MRT Dumps

+

+[MRT Dumps](https://tools.ietf.org/html/rfc6396) are produced by the collector every 10 minutes. Bird produces MRT dumps corresponding to tables, so two separate dumps are created, one for IPv4 (master4) and one for IPv6 (master6). The 10 minutes dumps are available for one week before being reduced down to one a day.

+

+ - [https://mrt.collector.dn42](https://mrt.collector.dn42)

+

+The latest dumps can always be found at the following URLs:

+

+ - [https://mrt.collector.dn42/master4_latest.mrt.bz2](https://mrt.collector.dn42/master4_latest.mrt.bz2)

+ - [https://mrt.collector.dn42/master6_latest.mrt.bz2](https://mrt.collector.dn42/master6_latest.mrt.bz2)

+

+### Prometheus Metrics

+

+The collector runs [bird_exporter](https://github.com/czerwonk/bird_exporter) and prometheus style metrics are available at the following URL:

+

+ - [http://collector.dn42:9324/metrics](http://collector.dn42:9324/metrics)

+

+### SSH Interface

+

+The collector bird instance can be queried directly using a birdc shell.

+

+ - ssh [email protected]

+

+```sh

+$ ssh [email protected]

+------------------------------------

+* DN42 Global Route Collector *

+------------------------------------

+* http://collector.dn42/

+

+This service provides a bird2 shell

+for querying the route collector

+

+Be nice, access is logged and

+abuse will not be tolerated

+------------------------------------

+BIRD burble-2.0.8-210322-1-ge6133456 ready.

+Access restricted

+bird> show route count

+bird> 297441 of 297441 routes for 502 networks in table master4

+286007 of 286007 routes for 427 networks in table master6

+1437 of 1437 routes for 1437 networks in table dn42_roa4

+1231 of 1231 routes for 1231 networks in table dn42_roa6

+Total: 586116 of 586116 routes for 3597 networks in 4 tables

+bird>

+

+```

+

+Mirrors are hosted at `asn.grmml.dn42` and `asn.lorkep.dn42`.

+};

+forward-zones-recurse=dn42=172.20.0.53,hack=172.20.0.53,ffhh=172.20.0.53,ffac=172.20.0.53,020=172.20.0.53,adm=172.20.0.53,ffa=172.20.0.53,ffhb=172.20.0.53,ffc=172.20.0.53,ffda=172.20.0.53,ffdh=172.20.0.53,ff3l=172.20.0.53,fffl=172.20.0.53,ffffm=172.20.0.53,fffr=172.20.0.53,fffd=172.20.0.53,ffgl=172.20.0.53,fflln=172.20.0.53,ffbcd=172.20.0.53,ffbgl=172.20.0.53,ffgoe=172.20.0.53,ffgt=172.20.0.53,ffh=172.20.0.53,helgo=172.20.0.53,ffhef=172.20.0.53,ffj=172.20.0.53,ffka=172.20.0.53,ffki=172.20.0.53,ffhl=172.20.0.53,fflux=172.20.0.53,ffms=172.20.0.53,mueritz=172.20.0.53,ffnord=172.20.0.53,ffnw=172.20.0.53,ffoh=172.20.0.53,ffpb=172.20.0.53,ffpi=172.20.0.53,ffrade=172.20.0.53,ffrgb=172.20.0.53,ffrg=172.20.0.53,rzl=172.20.0.53,ffsaar=172.20.0.53,fftr=172.20.0.53,fftdf=172.20.0.53,ffwk=172.20.0.53,ffgro=172.20.0.53,ffwk=172.20.0.53,ffwp=172.20.0.53,ffw=172.20.0.53,20.172.in-addr.arpa=172.20.0.53,21.172.in-addr.arpa=172.20.0.53,22.172.in-addr.arpa=172.20.0.53,23.172.in-addr.arpa=172.20.0.53,31.172.in-addr.arpa=172.20.0.53,c.f.ip6.arpa=172.20.0.53