FAQ.md
... ...
@@ -29,6 +29,11 @@ issues. There may still be references back to monotone in some of the documentat
29 29
30 30
https://git.dn42.dev/dn42/registry (https://git.dn42/dn42/registry)
31 31
32
+### Can I use Windows to clone and update the registry ?
33
+
34
+No. The registry includes IPv6 resources but NTFS does not support having a `:` in filenames.
35
+
36
+A simple workaround is to use a non-Windows VM to do your changes.
32 37
33 38
### Can I reuse my public AS number/IPv4/IPv6?
34 39
Home.md
... ...
@@ -1,8 +1,8 @@
1 1
## About dn42
2 2
3
-dn42 is a big dynamic [VPN](http://en.wikipedia.org/wiki/Virtual_private_network), which employs Internet technologies ([BGP](http://en.wikipedia.org/wiki/Bgp), whois database, [DNS](http://en.wikipedia.org/wiki/Domain_Name_System), etc). Participants connect to each other using network tunnels ([GRE](/howto/GRE-on-FreeBSD), [OpenVPN](/howto/openvpn), [Tinc](/howto/tinc), [IPsec](/howto/IPsec-with-PublicKeys)) and exchange routes thanks to the Border Gateway Protocol. Network addresses are assigned in the `172.20.0.0/14` range and private AS numbers are used (see [registry](/services/Whois)) as well as IPv6 addresses from the ULA-Range (`fd00::/8`) - see [FAQ](https://internal.dn42/FAQ#frequently-asked-questions_what-about-ipv6-in-dn42).
3
+dn42 is a big dynamic [VPN](http://en.wikipedia.org/wiki/Virtual_private_network), which employs Internet technologies ([BGP](http://en.wikipedia.org/wiki/Bgp), whois database, [DNS](http://en.wikipedia.org/wiki/Domain_Name_System), etc). Participants connect to each other using network tunnels ([GRE](/howto/GRE-on-FreeBSD), [OpenVPN](/howto/openvpn), [Tinc](/howto/tinc), [IPsec](/howto/IPsec-with-PublicKeys)) and exchange routes thanks to the Border Gateway Protocol. Network addresses are assigned in the `172.20.0.0/14` range and private AS numbers are used (see [registry](/services/Whois)) as well as IPv6 addresses from the ULA-Range (`fd00::/8`) - see [FAQ](/FAQ#frequently-asked-questions_what-about-ipv6-in-dn42).
4 4
5
-A number of services are provided on the network: see [internal](http://wiki.dn42/internal/Internal-Services) (only available from within dn42). Also, dn42 is interconnected with other networks, such as [ChaosVPN](http://wiki.hamburg.ccc.de/ChaosVPN) or some [Freifunk](http://en.wikipedia.org/wiki/Freifunk) networks.
5
+A number of services are provided on the network: see [internal](/internal/Internal-Services) (only available from within dn42). Also, dn42 is interconnected with other networks, such as [ChaosVPN](http://wiki.hamburg.ccc.de/ChaosVPN) or some [Freifunk](http://en.wikipedia.org/wiki/Freifunk) networks.
6 6
7 7
Still have questions? We have [[FAQs|FAQ]] listed.
8 8
... ...
@@ -39,7 +39,6 @@ The [[Getting started|howto/Getting-Started]] page helps you to get your first n
39 39
* [Wikipedia about dn42](http://en.wikipedia.org/wiki/Decentralized_network_42)
40 40
* [Lecture on 26c3](http://events.ccc.de/congress/2009/Fahrplan/events/3504.en.html)
41 41
* [Lecture on GPN8](http://entropia.de/wiki/GPN8:dn42)
42
- * [soup.io group](http://dn42.soup.io/)
43 42
* [nobody about dn42](http://nowhere.ws/guides/dn42/)
44 43
* [Lecture on mrmcd0x8](http://web.archive.org/web/20090831211324/http://mrmcd0x8.metarheinmain.de/fahrplan/events/3321.de.html)
45 44
* [dn42-category in hackerspaces.org wiki](https://hackerspaces.org/wiki/Category:DN42)
... ...
@@ -60,7 +59,6 @@ The [[Getting started|howto/Getting-Started]] page helps you to get your first n
60 59
* [freifunk](http://freifunk.net)
61 60
* [NoName e.V. Heidelberg](https://www.noname-ev.de)
62 61
* [raumzeitlabor/hackerspace rhein-neckar](http://www.raumzeitlabor.de)
63
-* [Cyberpipe](https://www.kiberpipa.org)
64 62
* [Hackerspace Brussels (HSB)](http://hackerspace.be)
65 63
* [[hsmr] / Hackspace Marburg](https://hsmr.cc)
66 64
* [Whitespace (0x20)](http://www.0x20.be)
... ...
@@ -68,7 +66,7 @@ The [[Getting started|howto/Getting-Started]] page helps you to get your first n
68 66
* [SNE group](https://www.os3.nl)
69 67
* [smrsh](http://www.smrsh.net)
70 68
* [Hackspace Jena e.V.](https://kraut.space)
71
-* [breizh-entropy](http://breizh-entropy.dn42)
69
+* [Breizh-Entropy](http://wiki.breizh-entropy.org/wiki/DN42)
72 70
* [Fédération FDN](https://www.ffdn.org)
73 71
* [Le LOOP](https://leloop.org/)
74 72
* [Hackerspace Bielefeld](https://hackerspace-bielefeld.de)
... ...
@@ -76,7 +74,7 @@ The [[Getting started|howto/Getting-Started]] page helps you to get your first n
76 74
77 75
## About this wiki
78 76
79
-This wiki is the main reference about dn42. It is available in read-only mode [from the Internet](https://dn42.net), [tor](http://jsptropkiix3ki5u.onion) and [i2p](http://beb6v2i4jevo72vvnx6segsk4zv3pu3prbwcfuta3bzrcv7boy2q.b32.i2p/) and for editing from within dn42, at [https://wiki.dn42](https://wiki.dn42) - [https](services/Certificate-Authority) required for editing.
77
+This wiki is the main reference about dn42. It is available in read-only mode from the Internet [here](https://wiki.dn42.us) or [here](https://dn42.dev) or [here](https://dn42.tk) or [here](https://dn42.eu), [tor](http://jsptropkiix3ki5u.onion) and [i2p](http://beb6v2i4jevo72vvnx6segsk4zv3pu3prbwcfuta3bzrcv7boy2q.b32.i2p/) and for editing from within dn42, at [https://wiki.dn42](https://wiki.dn42) - [https](services/Certificate-Authority) required for editing.
80 78
81 79
#### DN42 Logo
82 80
_Sidebar.md
... ...
@@ -12,6 +12,8 @@
12 12
* [[IPsec With Public Keys|howto/IPsec-with-PublicKeys]]
13 13
* [[Tinc|howto/tinc]]
14 14
* [[GRE on FreeBSD|howto/GRE-on-FreeBSD]]
15
+ * [[GRE on OpenBSD|howto/GRE-on-OpenBSD]]
16
+ * [[IPv6 Multicast (PIM-SM)|howto/IPv6-Multicast]]
15 17
* [[Bird|howto/Bird]] / [[Bird2|howto/Bird2]]
16 18
* [[Quagga|howto/Quagga]]
17 19
* [[OpenBGPD|howto/OpenBGPD]]
... ...
@@ -30,6 +32,7 @@
30 32
* [[Repository Mirrors|services/Repository-Mirrors]]
31 33
* [[Distributed Wiki|services/Distributed-Wiki]]
32 34
* [[Certificate Authority|services/Certificate-Authority]]
35
+ * [[Route Collector|services/Route-Collector]]
33 36
34 37
* Internal
35 38
* [[Internal services|internal/Internal-Services]]
contact.md
... ...
@@ -27,9 +27,10 @@ There are currently multiple decentralized mirrors and domains for the DN42 wiki
27 27
28 28
* [dn42.us](https://wiki.dn42.us) maintained by xuu
29 29
* [dn42.dev](https://dn42.dev) / [wiki.burble.dn42](https://wiki.burble.dn42/) maintained by Burble
30
+ * [dn42.eu](https://dn42.eu) maintained by Nurtic-vibe
31
+ * [dn42.tk](https://dn42.tk) maintained by Androw
30 32
31 33
No longer maintained:
32 34
33
- * [dn42.eu](https://dn42.eu) maintained by Nurtic-vibe
34 35
* [dn42.net](https://dn42.net) maintained by toBee
35 36
* [wiki.dn42.lutoma.org](https://wiki.dn42.lutoma.org) maintained by lutoma
howto/Bird2.md
... ...
@@ -2,7 +2,7 @@ This guide is similar to the normal [Bird](/howto/Bird) guide in that it provide
2 2
3 3
# Arch Linux
4 4
5
-The `extra/bird` package in the arch repositories will usually have a relatively recent version and there is (usually) no need for a manual install over the usual `# pacman -S bird'.
5
+The `extra/bird` package in the arch repositories will usually have a relatively recent version and there is (usually) no need for a manual install over the usual `# pacman -S bird`.
6 6
7 7
# Example configuration
8 8
howto/GRE-on-OpenBSD.md
... ...
@@ -0,0 +1,71 @@
1
+# Point-to-Point Layer 3 GRE tunnel interface
2
+This guide describes how to establish an unencrypted and unauthenticated IPv6-over-IPv6 tunnel on [OpenBSD](https://openbsd.org), see [gre(4) EXAMPLES](http://man.openbsd.org/gre.4#Point-to-Point_Layer_3_GRE_tunnel_interfaces_(gre)_example) for similar setups.
3
+
4
+
5
+# Configuration
6
+Let *A* be the local OpenBSD host and *D* the remote peer, assume public DNS names and IPv6 reachability.
7
+
8
+Let `fd42::` and `fd42::1` be the IPs of *A* and *D* respectively where both are allocated as `/127` subnet from one of the peer's DN42 prefix.
9
+
10
+## pseudo interface
11
+Populate [`/etc/hostname.gre0`](https://man.openbsd.org/hostname.if.5) with:
12
+```
13
+tunnel A.example.com D.example.net
14
+inet6 fd42::/127
15
+```
16
+This will resolve FQDNs at parse time, set *A*'s and *D*'s IPs as source and destination tunnel address and set *A*'s assigned IP as point-to-point address on the interface.
17
+
18
+Replace hostnames in the `tunnel` line with literal IPs if DNS is not available (at system boot).
19
+
20
+Reboot or run [`sh /etc/netstart gre0`](https://man.openbsd.org/netstart.8) to bring up the tunnel.
21
+
22
+## miscellaneous
23
+Populate `/etc/sysctl.conf` with:
24
+```
25
+net.inet.gre.allow=1
26
+```
27
+Reboot or run `sysctl net.inet.gre.allow=1` to allow GRE packet processing.
28
+
29
+-
30
+At this point, `gre0` will be administratively *UP*:
31
+```
32
+$ ifconfig gre0
33
+gre0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1476
34
+ index 22 priority 0 llprio 6
35
+ encap: vnetid none txprio payload rxprio packet
36
+ groups: gre
37
+ tunnel: inet6 2001:db8::a --> 2001:db9::d ttl 64 nodf ecn
38
+ inet6 fe80::221:28ff:fef9:c1d8%gre0 --> prefixlen 64 scopeid 0x16
39
+ inet6 fd42:: --> prefixlen 127
40
+```
41
+
42
+All traffic destined to `fd42::1/127` will be encapsulated and routed to *D*:
43
+```
44
+$ route show
45
+[...]
46
+Internet6:
47
+Destination Gateway Flags Refs Use Mtu Prio Iface
48
+fd42::/127 fd42:: UCn 1 0 - 4 gre0
49
+fd42:: fd42:: UHl 0 0 - 1 gre0
50
+fd42::1 link#0 UHc 0 3180 - 3 gre0
51
+fe80::%gre0/64 fe80::221:28ff:fef9:c1d8%gre0 Un 0 0 - 4 gre0
52
+fe80::221:28ff:fef9:c1d8%gre0 fe80::221:28ff:fef9:c1d8%gre0 UHl 0 0 - 1 gre0
53
+ff01::%gre0/32 fe80::221:28ff:fef9:c1d8%gre0 Um 0 1 - 4 gre0
54
+ff02::%gre0/32 fe80::221:28ff:fef9:c1d8%gre0 Um 0 1 - 4 gre0
55
+[...]
56
+```
57
+```
58
+$ route -n get fd42::1
59
+ route to: fd42::1
60
+destination: fd42::1
61
+ mask: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
62
+ interface: gre0
63
+ if address: fd42::
64
+ priority: 3 ()
65
+ flags: <UP,HOST,DONE,CLONED>
66
+ use mtu expire
67
+ 3181 0 0
68
+```
69
+
70
+# Security
71
+GRE may be protected with IPsec to encrypt and authenticate traffic, [OpenIKED](http://www.openiked.org/) can be used to establish an IKEv2 session between *A* and *D*.
... ...
\ No newline at end of file
howto/Getting-Started.md
... ...
@@ -250,7 +250,8 @@ source: DN42
250 250
#### DNS and Domain Registration
251 251
252 252
*(Optional)*
253
-To register a domain name, create a `dns` object in the data/dns directory.
253
+To register a domain name, create a `dns` object in the data/dns directory.
254
+Domain names and nserver attributes must be lowercase.
254 255
255 256
example: data/dns/foo.dn42
256 257
```
howto/IPv6-Multicast.md
... ...
@@ -0,0 +1,168 @@
1
+# IPv6 Multicast
2
+
3
+The following guide illustrates how to set up an IPv6 multicast router using [PIM-SM](https://en.wikipedia.org/wiki/Protocol_Independent_Multicast#Sparse_mode) (Protocol Independent Multicast in Sparse Mode) with your own personal multicast prefix.
4
+
5
+## Quickstart
6
+
7
+* Install pim6sd from here: https://github.com/troglobit/pim6sd/
8
+ ```sh
9
+ cd /usr/src
10
+ git clone https://github.com/troglobit/pim6sd.git
11
+ cd pim6sd
12
+ ./autogen.sh
13
+ ./configure
14
+ make
15
+ ```
16
+* Find a peer who is already connected to the dn42 multicast backbone
17
+* Calculate your personal, embedded-RP multicast prefix matching your network prefix via [RFC3956](https://tools.ietf.org/html/rfc3956)
18
+ * Example:
19
+ * Pattern: `ff7e:<RIID><plen>:<prefix>::/96`
20
+ * Prefix: `fd00:2001:db8::/48`
21
+ * Prefix length: `48 == 0x30`
22
+ * RIID: An arbitrary number between `0x1` and `0xf`, for instance `0x2`
23
+ * Result:
24
+ * Multicast prefix: `ff7e:230:fd00:2001:db8::/96`
25
+ * RP address: ``fd00:2001:db8::<RIID>`` -> ``fd00:2001:db8::2``
26
+
27
+* Create a dummy interface to hold your calculated unicast Rendezvous Point address. This one needs to be reachable from within dn42. Also set "multicast on" on this dummy interface. Example:
28
+
29
+ ```
30
+ # /etc/network/interfaces.d/pim6sd
31
+ auto pim-router-id
32
+ iface pim-router-id inet manual
33
+ pre-up ip link add name $IFACE type dummy
34
+ post-up ip link set multicast on dev $IFACE
35
+ post-up ip -6 a a fd00:2001:db8::2/128 dev $IFACE
36
+ post-down ip link del $IFACE
37
+ ```
38
+
39
+* Create the configuration file:
40
+
41
+ ```sh
42
+ # /etc/pim6sd.conf
43
+ # disable all interfaces by default
44
+ default_phyint_status disable;
45
+
46
+ # enable the pim-router-id interface first to acquire the correct primary address
47
+ phyint pim-router-id enable;
48
+
49
+ # add multicast-capable peer interfaces below
50
+ phyint dn42-peer1 enable;
51
+
52
+ # configure rendezvous point for the personal multicast prefix
53
+ cand_rp pim-router-id;
54
+ group_prefix ff7e:230:fd00:2001:db8::/96;
55
+ ```
56
+
57
+ The `phyint` statement enables [PIM](https://tools.ietf.org/html/rfc7761) and [MLD](https://tools.ietf.org/html/rfc2710) on the target interface - by default all interfaces are in the disable state. Enable an interface if it is directed towards a multicast-capable peer or other multicast-capable routers in your autonomous system. Also enable it for downstream network segments with multicast listeners and senders, like for example your home (W)LAN segments.
58
+
59
+ With `cand_rp` and `group_prefix` statements you can configure this router as a Rendezvous Point (RP) for your personal multicast group prefix. The address on the interface given as `cand_rp` will be used as the primary address for your RP, it therefore *must* be routable.
60
+
61
+---
62
+
63
+## Testing & Applications
64
+
65
+### Creating a test network namespace
66
+
67
+On your router:
68
+
69
+```sh
70
+allow-hotplug pim-ns0
71
+iface pim-ns0 inet manual
72
+ pre-up ip link add pim-ns0 type veth peer name pim-ns1
73
+ post-up ip netns add pim-ns0
74
+ post-up ip link set addr 02:11:22:00:00:02 netns pim-ns0 name pim-ns0 up dev pim-ns1
75
+ post-up ip link set addr 02:11:22:00:00:01 up dev pim-ns0
76
+ post-up ip -6 a a fdd5:69d5:c530:1::1/64 dev pim-ns0
77
+ post-up ip netns exec pim-ns0 ip -6 a a fdd5:69d5:c530:1::2/64 dev pim-ns0
78
+ post-up ip netns exec pim-ns0 ip -6 r a default via fdd5:69d5:c530:1::1
79
+ post-down ip link del pim-ns0
80
+ post-down ip netns del pim-ns0
81
+```
82
+
83
+You can now switch into this test network namespace via "ip netns exec /bin/bash". Inside this network namespace you can try:
84
+
85
+### Creating a test multicast listener
86
+
87
+```
88
+$ socat -u UDP6-RECV:1234,reuseaddr,ipv6-join-group="[ff7e:230:fdd5:69d5:c530::123]:eth0" -
89
+```
90
+
91
+### Creating a test multicast sender
92
+
93
+First select which interface should be the default one for your multicast traffic. Then send multicast packets via ICMPv6:
94
+
95
+```
96
+$ ip -6 route add ff7e:230:fdd5:69d5:c530::/96 dev eth0 table local
97
+$ ping6 -t 16 ff7e:230:fdd5:69d5:c530::123
98
+```
99
+
100
+The "-t 16", a hop-limit of 16, is important here as **by default all multicast traffic is usually send with a hop-limit of just 1**.
101
+
102
+---
103
+
104
+## Advanced Configurations
105
+
106
+
107
+
108
+### Nomenclature
109
+
110
+#### Bootstrap Router (BSR)
111
+
112
+Router that collects multicast group information from all RP in the network and advertises it across the network.
113
+
114
+#### Rendezvous Point (RP)
115
+
116
+Router where senders and receivers will meet for a certain multicast address. Senders must send their data to it, after which it will be forwarded to receivers. As soon as a receivers DR learns of the sender it will ask their router to forward data along a direct path between sender and receiver.
117
+
118
+#### Designated Router (DR)
119
+
120
+First-hop router that stand in for sender and receiver on their downstream networks. The senders DR sends their data towards the RP encapsulated in PIM Register packets. The receivers DR will send join and prune messages to the RP, managing the group subscription.
121
+
122
+### RFC3306: "Unicast-Prefix-based IPv6 Multicast Addresses"
123
+
124
+Before RFC3956 (embedded RP addresses) personal, network prefix based multicast prefixes were calculated via RFC3306. Example:
125
+
126
+* Pattern: `ff3e:<plen>:<prefix>::/96`
127
+ * Prefix: `fd00:2001:db8::/48`
128
+ * Prefix length: `48 == 0x30`
129
+ * Result: `ff3e:30:fd00:2001:db8::/96`
130
+
131
+* Pros:
132
+ * More flexible RP address selection
133
+ * Allows filtering on the BSR
134
+
135
+* Cons:
136
+ * Needs a central BSR for coordination (or static RP configuration)
137
+ * Allows filtering on the BSR
138
+
139
+However you can usually just announce and use both RFC3306 and RFC3956 based multicast prefixes, if you want to. pim6sd allows adding multiple ``group_prefix`` entries.
140
+
141
+### Address Management
142
+
143
+#### Bootstrap Router
144
+
145
+If you want to be participate as a bootstrap router candidate, please read up on how PIM works first. If you join with a bootstrap router candidate add it here below with contact information and join #dn42-multicast on HackInt:
146
+* <BSR-ADDR1> - [email protected], foo@HackInt
147
+* <BSR-ADDR2> - ...
148
+
149
+#### Shared multicast addresses
150
+
151
+Next to personal multicast prefixes generated by network prefix (RFC3306 or RFC3956) there can also be multicast addresses not owned by a specific AS. In general any one can just set up a multicast sender or listener for those. However to work, they need a reliable RP for coordination.
152
+
153
+If you want to offer an RP candidate for a shared multicast address, please read up on how PIM works first. If you join with an RP candidate for a shared multicast address add it here below with contact information and join #dn42-multicast on HackInt:
154
+* <multicast-address1>/128:
155
+ - <RP-address1> - [email protected], foo@HackInt
156
+ - <RP-address2> - [email protected], bar@HackInt
157
+* <multicast-address2>/128:
158
+ - ...
159
+
160
+## Questions?
161
+
162
+* Join: ``#dn42-multicast`` on ``HackInt``
163
+
164
+---
165
+
166
+ToDo:
167
+* We have a solution for personal multicast prefixes tied to the network prefix of an AS owner. But what to do with multicast addresses that not only have listeners but also senders globally? We could have everyone add an additional "group_prefix ff00::/8" and then multicast router with the lowest address would win and become the central RP for all these addresses... not really scalable, robust or decentral though :-/. Should we use PIM-DM for some of these addresses instead (e.g. ones which generally have a low throughput, for instance Bittorrent Local Peer Discovery)? Or maybe those global addresses should be managed and configured as /128 and people who are interested in managing a specific, global multicast address will coordinate with each other?
168
+* bootstrap router coordination; according to RFCs a bootstrap router can alter/filter the multicast prefixes it received from candidate RPs. Should a bootstrap router check and filter any multicast prefix that was generated from a network prefix which does not match the network prefix used by the PR?
... ...
\ No newline at end of file
howto/wireguard.md
... ...
@@ -48,7 +48,7 @@ $ ip addr add 172.xx.xx.xx/32 peer 172.xx.xx.xx/32 dev <interface_name>
48 48
$ ip link set <interface_name> up
49 49
```
50 50
51
-Nurtic-Vibe has another [script](https://git.dn42.us/Nurtic-Vibe/grmml-helper/src/master/create_wg.sh) to interactively automate the peering process.
51
+<!-- Nurtic-Vibe has another [script](https://git.dn42.us/Nurtic-Vibe/grmml-helper/src/master/create_wg.sh) to interactively automate the peering process. -->
52 52
53 53
Maybe you should check the MTU to your peer with e.g. `ping -s 1472 <end_point_hostname_or_ip>`. If your output looks like `From gateway.local (192.168.0.1) icmp_seq=1 Frag needed and DF set (mtu = 1440)` substract `80` from the MTU and set it via `ip link set dev <interface_name> mtu <calculated_mtu>`
54 54
internal/APIs.md
... ...
@@ -1,10 +1,10 @@
1 1
#Application Programming Interfaces (APIs)
2 2
This page can be useful if you are trying to automate something or if you are trying to retrieve data programmatically.
3 3
4
-##Proving ASN ownership
5
-Through this automated service you prove your ASN ownership to KIOUBIT-MNT who then automatically creates a "ownership verification signature". This signature can be very easily verified by anyone. This removes the hassle from checking every different authentication method in the registry. This is particularly useful for automated setups.
6
-
7
-API Documentation: https://dn42.g-load.eu/api/verify/documentation.txt
4
+##ASN Authentication Solution
5
+Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way.
6
+More Information in the setup tutorial: https://dn42.g-load.eu/auth/documentation/tutorial.html
7
+To use the service, please message Kioubit on IRC to have your domain activated.
8 8
9 9
##Registry REST API
10 10
internal/Historical-Services.md
... ...
@@ -43,24 +43,32 @@ http://mwd.dn42/dns.php
43 43
MWD will also provide a secondary DNS server and/or cacti monitoring of your devices. Just ask on IRC. More info: http://mwd.dn42
44 44
45 45
### Getting your current dn42 IPv4/IPv6 address
46
+ * What is my IP: [ip4.dn42](http://ip4.dn42/), [ip6.dn42](http://ip6.dn42/)
46 47
47
-http://wieistmeineip.dn42 provides a service like http://wieistmeineip.de, but for dn42.
48
+ * http://wieistmeineip.dn42 provides a service like http://wieistmeineip.de, but for dn42.
48 49
wieistmeineip.dn42 also provides a telnet service that returns the address you connected with. This service only shows you the address of the preferred protocol, but there are also ipv4.wieistmeineip.dn42 and ipv6.wieistmeineip.dn42 that accept only connections via IPv4/IPv6.
49 50
50
-You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IPv6 address. It also returns information about your latency, netblock details, and route information.
51
+ * You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IPv6 address. It also returns information about your latency, netblock details, and route information.
51 52
52
-An alternative is available at https://ip.naive.network, which displays your clearnet and dn42 IP addresses.
53
+ * An alternative is available at https://ip.naive.network, which displays your clearnet and dn42 IP addresses.
53 54
54 55
## Search engines
55 56
56 57
| Hostname / IP | Remarks |
57 58
|:------------------------------------------------- |:-------------------------------------------------------- |
58 59
| http://yacy.dn42 (OFFLINE 2020-01-18) | YaCy search engine. Indexing local nets |
59
-| _Configuring Yacy Network settings:_ |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit) |
60
-
60
+| _Configuring Yacy Network settings:_ |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit) |
61
+| http://mhm.dn42/search | Hosted by toBee |
61 62
62 63
## File Sharing
63 64
65
+### FTP / HTTP
66
+
67
+| Hostname / IP | Space | Speed | Remarks |
68
+|:----------------------------------------------------------- |:----- |:----------- |:---------------------------------- |
69
+| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 |
70
+| http://data.0l.dn42 | 5TB | 1GBit | 24/7/365, download, dn42 MRT dumps |
71
+
64 72
### Tahoe LAFS
65 73
Some people runs [Tahoe LAFS](/services/Tahoe-LAFS) nodes to provide a secure decentralized crypted file storage but in dn42.
66 74
... ...
@@ -84,6 +92,10 @@ Until browsers have ipfs access (either through native support or js), one can u
84 92
https://rest.dn42/
85 93
```
86 94
95
+### Torrent Search Engine
96
+
97
+* https://magnetic.dn42 (DHT Search Engine)
98
+
87 99
### Torrent Index
88 100
89 101
* http://torrents.dn42
internal/Internal-Services.md
... ...
@@ -2,7 +2,7 @@
2 2
3 3
You are asked to show some creativity in terms of network usage and content. ;)
4 4
5
-**More inspiration is collected [here](/internal/Historical-Services) and [here](/internal/ideas).**
5
+**More inspiration is collected [here](/internal/Historical-Services) and [here](/internal/Ideas).**
6 6
7 7
## CA
8 8
... ...
@@ -13,12 +13,14 @@ zotan is maintaining an (experimental, but working) [ACME server](https://acme.d
13 13
## Network-related
14 14
* See [[Looking Glasses|/services/Looking-Glasses]] for more network diagnostic tools
15 15
* Realtime network map: [map.dn42](http://map.dn42/) (via DN42) or [map42.0x7f.cc](https://map42.0x7f.cc) (via clearnet) _(Note: This is a direct copy of nixnodes map with some fixes and new functions since original map is no longer get maintained. This map uses the GRC as source, so it would be more comprehensive than original one. Data refreshes every 20~30 minutes.)_
16
+ * Network Information Service: [info.nia.dn42](http://info.nia.dn42) (DN42) or [bgp42.strexp.net](https://bgp42.strexp.net) (IANA). Main functions including _network information_, _network map (from map.dn42, require WebGL)_, _network ranking (based on centrality)_, _ROA alerting_ and _path finder_.
17
+ * Yet Another WIP network map: [map.jerry.dn42](http://map.jerry.dn42/) (via DN42) or [map.meson.cc](https://map.meson.cc) (via clearnet) _(uses GRC shell as source, updated every 24 hours.)_
16 18
* Nixnodes original Map of the network: [map.nixnodes.net](http://map.nixnodes.net)
17 19
* DN42 IP address lookup tool: [dn42.g-load.eu/ip](https://dn42.g-load.eu/ip/)
18 20
* New DNS System monitoring: [grafana.burble.com/d/E4iCaHoWk/dn42-dns-status](https://grafana.burble.com/d/E4iCaHoWk/dn42-dns-status?orgId=1&refresh=1m)
19 21
* DN42 Toplevel domain DNS monitoring: [gatuno.dn42/dns](http://gatuno.dn42/dns)
20 22
* Free DNS Hosting. You can host any toplevel or subdomain from dn42: [gatuno.dn42/managed](http://gatuno.dn42/managed/)
21
- * What is my IP: [whatismyip.dn42](http://whatismyip.dn42/), [ip4.dn42](http://ip4.dn42/), [ip6.dn42](http://ip6.dn42/)
23
+ * What is my IP: [whatismyip.dn42](http://whatismyip.dn42/)
22 24
23 25
24 26
### GeoIP Services
... ...
@@ -27,31 +29,24 @@ zotan is maintaining an (experimental, but working) [ACME server](https://acme.d
27 29
#### API
28 30
Results are in JSON format.
29 31
30
-http://ipip.map.dn42/whois?ip=[DN42_IP]&lang=en
31
-
32
+http://ipip.map.dn42/whois?ip=[DN42_IP]&lang=en
32 33
http://ipip.map.dn42/whois?asn=AS[DN42_ASN]
33 34
34 35
#### Client
35 36
There is a client software using above apis to provide GeoIP-based traceroute.
36 37
It is a modified IPIP.NET Best Trace software with DN42 support injection.
37 38
38
-Windows only, no virus scan report available, but our DLL source is provided with the modified client.
39
-
40
-It's highly recommended to run this tool in a sandbox.
39
+Windows only, no virus scan report available, but our DLL source is provided with the modified client. It's highly recommended to run this tool in a sandbox.
41 40
42 41
** Since the original software is not open source, so use it at your own risk. **
43 42
44
-Preview: http://img.dn42/images/GEOTRACE42.jpg
45
-
43
+Preview: http://img.dn42/images/GEOTRACE42.jpg
46 44
Link: http://map.dn42/BestTrace42.zip
47 45
48
-### Proving ASN ownership
49
-Through this automated service you prove your ASN ownership to KIOUBIT-MNT who then automatically creates a "ownership verification signature".
50
-This signature can be very easily verified by anyone. This removes the hassle from checking every different authentication method in the registry. This is particularly useful for automated setups.
51
-
52
-Manual Verification: https://dn42.g-load.eu/verify/manual/
53
-
54
-API: https://dn42.g-load.eu/verify/documentation.txt
46
+### ASN Authentication Solution
47
+Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way.
48
+More Information in the setup tutorial: https://dn42.g-load.eu/auth/documentation/tutorial.html
49
+To use the service, please message Kioubit on IRC to have your domain activated.
55 50
56 51
## IRC
57 52
... ...
@@ -67,27 +62,21 @@ API: https://dn42.g-load.eu/verify/documentation.txt
67 62
|:--------------|:--------|
68 63
| https://lounge.burble.dn42 | [thelounge](https://thelounge.chat/) for lurking on #dn42, see [burble.dn42 services](https://dn42.burble.com/home/burble-dn42-services). |
69 64
70
-## Search engines
71
-
72
-| Hostname / IP | Remarks |
73
-|:------------------------------------------------- |:-------------------------------------------------------- |
74
-| http://mhm.dn42/search | Hosted by toBee |
75
-
76 65
## Images, E-Books, Videos and other Media
77 66
78 67
| Hostname / IP | Remarks |
79 68
|:------------------------------------------------- |:-------------------------------------------------------- |
80 69
| http://img.dn42 | Imagehoster |
81 70
| http://chan.dn42 | DN42-Chan, an imageboard |
82
-| http://j.munsternet.dn42 | Jellyfin instance with movies and TV shows (test)
83
-|
71
+| http://j.munsternet.dn42 | Jellyfin instance with movies and TV shows (test). |
84 72
85 73
## Radio and Video Streaming
86 74
87
-| Hostname / IP | Remarks |
88
-|:------------------------------------------------- |:-------------------------------------------------------- |
89
-| http://stream.media.dn42/ | icecast-relay, contact toBee for more streams |
90
-| https://invidious.doxz.dn42/ | Invidious instance with proxy (Youtube) |
75
+| Hostname / IP | Remarks |
76
+|:------------------------------------------------- |:-------------------------------------------------------------- |
77
+| http://stream.media.dn42/ | icecast-relay, contact toBee for more streams (DOWN 2020-11-02)|
78
+| https://invidious.doxz.dn42/ | Invidious instance with proxy (Youtube) |
79
+| http://radio.hex.dn42/ | Ambient musics |
91 80
92 81
### Direct Connect
93 82
Some [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Connect) Hubs are being run DN42 internally. Choose a [client](https://en.wikipedia.org/wiki/Comparison_of_ADC_software#Client_software) and connect to exchange files.
... ...
@@ -106,12 +95,6 @@ Some [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Con
106 95
|:----------------------------------------------------------- |:----- |:----------- |:---------------------------------------------- |
107 96
| http://seafile.dn42 | | | Opensource Dropbox, yay! |
108 97
| http://files.nop.dn42 | | max 1Mbit/s | download only |
109
-| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 |
110
-| http://data.0l.dn42 | 5TB | 1GBit | 24/7/365, download, dn42 MRT dumps |
111
-
112
-### Torrent Search Engine
113
-
114
-- https://magnetic.dn42 (DHT Search Engine)
115 98
116 99
## Proxies
117 100
... ...
@@ -133,6 +116,7 @@ A MTProxy server is available at [mtp.jerry.dn42:8044](https://t.me/proxy?server
133 116
| tick.gotroot.dn42 (172.20.14.247) | Stratum 1, GPS, Vancouver Canada |
134 117
| tock.gotroot.dn42 (172.20.14.250) | Stratum 2, Anycast on each node |
135 118
| *.burble.dn42 | All burble.dn42 nodes are part of the NTP Pool and provide NTP over clearnet and DN42. See also [burble.dn42 services](https://dn42.burble.com/home/burble-dn42-services) |
119
+| ntp.yuetau.dn42 (172.21.68.50) | Anycast on all node |
136 120
137 121
## OS Mirror/Repository's
138 122
... ...
@@ -144,11 +128,12 @@ Repository Mirrors are listed on another page: [Repository Mirrors](/services/Re
144 128
| Hostname / IP | Game | Remarks |
145 129
|:------------------------------------------------- |:---------------------- |:-------------------------- |
146 130
| hulk.mhm.dn42 (172.23.67.1) | Tetrinet | |
147
-| mc.nia.dn42 (172.20.168.133, fd01:1926:817:3::) | Minecraft | 1.16.1, Optimized for CN |
131
+| 172.20.34.168 | Minecraft | 1.16.4, Bedrock supported, Abuse may lead to a network-wide ban or peer removal |
132
+| mc.nia.dn42 (172.20.168.133, fd01:1926:817:3::) | Minecraft | 1.16.4 Mod, Optimized for CN |
148 133
| ttd.nia.dn42 (172.20.168.132, fd01:1926:817:2::) | OpenTTD | 1.10.1, Optimized for CN |
149 134
| mc.jerry.dn42 | Minecraft | 1.16.3, IPv4 & IPv6 |
150 135
| ttd.jerry.dn42 | OpenTTD | latest, IPv4 & IPv6 |
151
-| stk.jerry.dn42:2759 | SuperTuxKart | latest, IPv4 only, NeoNetwork users please use stk.jerry.neo |
136
+| stk.jerry.dn42:2759, stk.jerry.neo:2759 | SuperTuxKart | latest, IPv4 only |
152 137
| ns1.deltaman.dn42 (172.22.134.131, fd1b:7f7d:dd55:4600:219:ff:fe00:fafe) | OpenTTD | 1.10.3, Hosted in NL |
153 138
154 139
## Shell
... ...
@@ -158,7 +143,7 @@ Providers of shell access:
158 143
| Person | Hostname | Net | Description | Contact |
159 144
|:------------- |:------------------------------------ |:---------------- |:----------- |:------------- |
160 145
| mc36 | telnet test.nop.dn42 | dn42 only |looking glass| - |
161
-| JerryXiao | ssh [email protected] | dn42 and neonet |looking glass| - |
146
+| JerryXiao | ssh [email protected] | dn42 and icvpn |looking glass| - |
162 147
163 148
164 149
## Misc
... ...
@@ -187,6 +172,18 @@ There are some News Servers available [here](/services/News)
187 172
* https://mirror.frubar.net 100MBit
188 173
* https://frucman.frubar.net
189 174
175
+### NAT64
176
+
177
+Niantic Network (AS4242421331) is providing a NAT64 service at Strategic Explorations (AS207268).
178
+
179
+* IPv6 at public Internet: `2a0e:b107:b7f::[DN42 IPv4]`
180
+
181
+* IPv4 endpoint at DN42:
182
+ * `172.20.158.177`: Seattle
183
+ * `172.20.158.178`: Singapore
184
+
185
+* DNS64: `2602:feda:3c9::` or `dns.strexp.net`
186
+
190 187
## AnoNet
191 188
192 189
A wiki page dedicated to the AnoNet Network: http://wiki.qontrol.nl/Anonet
services/Automatic-CA.md
... ...
@@ -1,3 +1,8 @@
1
+DN42 ACME CA
2
+==================
3
+
4
+Certificates can be automatically generated with the [ACME-CA](http://acme.dn42). More information can be found on [acme.dn42](http://acme.dn42/)
5
+
1 6
DN42 Self-Serve CA
2 7
==================
3 8
services/Clearnet-Domains.md
... ...
@@ -6,6 +6,9 @@ To provide services over the public internet some community members have contrib
6 6
|:--|
7 7
|dn42.dev|
8 8
|dn42.no|
9
+|dn42.fi|
10
+|dn42.tk|
11
+
9 12
10 13
DNS records for these domains are managed by a gitea repository:
11 14
services/DNS.md
... ...
@@ -39,6 +39,8 @@ nameserver fd42:d42:d42:53::1
39 39
nameserver fd42:d42:d42:54::1
40 40
nameserver 172.23.0.53
41 41
nameserver 172.20.0.53
42
+option inet6 # Linux/glibc
43
+family inet6 inet4 # BSD
42 44
search dn42
43 45
```
44 46
services/Distributed-Wiki.md
... ...
@@ -78,7 +78,7 @@ RACK_ENV=production gollum --css --host 127.0.0.1 --port 4567 --no-edit <path>
78 78
79 79
#### SSL
80 80
81
- - Setup your maintainer object according to [Automatic CA](https://internal.dn42/services/Automatic-CA)
81
+ - Setup your maintainer object according to [Automatic CA](/services/Automatic-CA)
82 82
- Generate a [CSR](/services/Certificate-Authority) and send DNS Key Pin to [[email protected]](mailto:[email protected]):
83 83
- \<AS> is the as number with the prefix `as` like `as64737-ca.wiki.dn42`
84 84
services/Looking-Glasses.md
... ...
@@ -14,32 +14,41 @@ Please sort by AS number.
14 14
| 4242420022 | dn42: http://mhm.dn42:5001 | UP |
15 15
| 4242420123 | dn42: https://lg.grmml.dn42 <br> Interactive (traceroute, BGP-map) | UP |
16 16
| 4242420151 | ext: ssh [email protected] <br> restricted bird shell | UP |
17
+| 4242420181 | ext: https://lg.dn42.miegl.cz <br> dn42: http://lg.mgl.dn42 | UP |
17 18
| 4242420321 | dn42: http://lg.dn42 <br> Interactive (traceroute, BGP-map) | UP |
19
+| 4242420827 | ext: https://lg.aasg.name <br> dn42: http://lg.lorkep.dn42 <br> Interactive (traceroute, BGP-map) <br> IPv6 only | UP |
20
+| 4242420925 | dn42: https://lg.yuetau.dn42/ <br> ext: https://lg-dn42.yuetau.net | UP |
21
+| 4242420977 | ext: https://lg.moerail.ml <br> dn42: http://lg.moerail.dn42 | UP |
18 22
| 4242421050 | ext: https://lg.dn42.napshome.net <br> dn42: http://lg.napshome.dn42 | UP |
23
+| 4242421055 | dn42: http://lg.tmwawpl.dn42 | UP |
19 24
| 4242421080 | dn42: http://lg.jlu5.dn42 | UP |
20 25
| 4242421099 | ext: https://lg.owensresearch.org <br> dn42: https://lg.owensresearch.dn42/ <br> BGP Route, BGP Community, BGP AS Path, Ping, and Traceroute | UP |
21
-| 4242421231 | dn42: http://lg.caesia.dn42 <br> ext: https://lg.caesia.net | UP |
26
+| 4242421224 | dn42: http://lg.bit.dn42 | UP |
27
+| 4242421331<br>4242421332<br>207268 | ext: https://lg.strexp.net <br> dn42: http://lg.nia.dn42 | UP |
22 28
| 4242421588 | dn42: http://lg.tech9computers.dn42 <br> Interactive (traceroute, BGP-map) | UP |
29
+| 4242421722 | ext: https://lg42.tchekda.fr <br> dn42: http://lg42.tchekda.dn42/ | UP |
30
+| 4242421876<br>211876 | ext: https://lg42.fixmix.network<br>dn42: https://lg.fixmix.dn42 | UP |
23 31
| 4242421926 | dn42: https://lg.zhaofeng.dn42 <br> ext: https://lg.naive.network | UP |
24 32
| 4242421955 | dn42: http://lg.nop.dn42/ <br> telnet:test.nop.dn42 <br> ext: http://freerouter.nop.hu/online.html| UP |
25 33
| 4242422024 | ext: http://lg.dn42.gcc.ac.cn/ <br> Interactive (ping, traceroute, BGP-map)| UP |
26
-| 4242422547 | ext: https://lg.lantian.pub or https://lg-alt.lantian.pub <br> dn42: http://lg.lantian.dn42 or http://lg-alt.lantian.dn42 | UP |
34
+| 4242422092 | ext: https://lg.dn42.pebkac.gr <br> dn42: http://lg.pebkac.dn42 <br> IPv4 and IPv6 | UP |
35
+| 4242422189 | dn42: http://lg.iedon.dn42 | UP |
36
+| 4242422237 | ext: https://lg.dn42.munsternet.eu | UP |
37
+| 4242422341 | ext: https://lg.dn42.zotan.network <br> dn42: https://lg.zotan.dn42 | UP |
38
+| 4242422428 | ext: https://lg.0l.de <br> IPv4 and IPv6 | UP |
39
+| 4242422547 | ext: https://lg.lantian.pub <br> dn42: http://lg.lantian.dn42 | UP |
27 40
| 4242422575 | dn42: https://lg.androw.dn42 <br> ext: https://lg.androw.eu/ | UP |
28 41
| 4242422601 | dn42: http://lg.burble.dn42 <br> ext: https://lg.burble.com/ | UP |
42
+| 4242422633 | dn42: http://lg.eb.dn42/ <br> ext: https://lg.eastbnd.com/ | UP |
29 43
| 4242422700 | dn42: http://lg.gotroot.dn42 <br> ext: http://dn42.gotroot.ca/ | UP |
30 44
| 4242422904 | ext: https://lg.doxz.net/ | UP |
31
-| 4242423905 | ext: https://dn42-svc.weiti.org/ulg/ <br> dn42: https://lg.weiti.dn42/ | UP |
32
-| 4242423088 | ext: https://lg.dn42.6700.cc <br> dn42: http://lg.sun.dn42/ | UP |
33
-| 4242421722 | ext: https://lg42.tchekda.fr <br> dn42: http://lg42.tchekda.dn42/ | UP |
34
-| 4242422237 | ext: https://lg.dn42.munsternet.eu | UP |
35
-| 4242420181 | ext: https://lg.dn42.miegl.cz <br> dn42: http://lg.mgl.dn42 | UP |
36
-| 4242421331<br>4242421332<br>207268 | ext: https://lg.strexp.net <br> dn42: http://lg.nia.dn42 | UP |
37
-| 4242422189 | dn42: http://lg.iedon.dn42 | UP |
38
-| 4242422341 | ext: https://lg.dn42.zotan.network <br> dn42: https://lg.zotan.dn42 | UP |
39
-| 4242422428 | ext: https://lg.0l.de <br> IPv4 and IPv6 | UP |
40 45
| 4242423078 | ext: https://lg.hexanet.dev <br> dn42: http://lg.hex.dn42 <br> Interactive (traceroute, BGP-map) <br> IPv6 only | UP |
41 46
| 4242421224 | dn42: http://lg.bit.dn42 | UP |
42
-
47
+| 4242423315 | ext: http://lg.unknownts.tk <br> dn42: http://unknownts.dn42 | UP |
48
+| 4242423088 | ext: https://lg.dn42.6700.cc <br> dn42: http://lg.sun.dn42/ | UP |
49
+| 4242423735 | ext: https://lg.dn42.cperrin.xyz <br> dn42: http://lg.cperrin.dn42 | UP |
50
+| 4242423905 | ext: https://dn42-svc.weiti.org/ulg/ <br> dn42: https://lg.weiti.dn42/ | UP |
51
+| 4242420197 | ext: https://lg.n0emis.eu <br> dn42: https://lg.n0emis.dn42 (soon) | UP |
43 52
44 53
## Down
45 54
... ...
@@ -48,9 +57,6 @@ These looking glasses were added to the table at some point, but now seem to be
48 57
49 58
| AS | URL | Status |
50 59
|:-- |:--- |:------ |
51
-| 4242423973 | dn42: http://lg.technopoint.dn42 <br> (traceroute, BGP-map) IPv4 only. | DOWN |
52
-| 4242422016 | ext: https://dn42.sidereal.ca <br> dn42: https://lg.sidereal.dn42 | DOWN |
53
-| 4242423993 | ext: https://lg.2f30.org/ <br> IPv4 only. | DOWN |
54 60
| 64719 | ext: https://lg.dn42.lutoma.org/ <br> dn42: https://lg.lutoma.dn42/ | DOWN |
55 61
| 76103 | ext: http://lg.nixnodes.net <br> dn42: http://lg.nixnodes.dn42 <br> IPv4 only. | DOWN |
56 62
| 64835 | ext: http://lg.nordkapp-5.dn42 <br> dn42: http://172.22.235.4 | DOWN |
... ...
@@ -65,8 +71,12 @@ These looking glasses were added to the table at some point, but now seem to be
65 71
| 4242420812 | dn42: https://lg.jan.dn42 <br> Interactive (traceroute, BGP-map) | DOWN |
66 72
| 4242421092 | dn42: http://lg.erg.dn42 <br> Interactive (traceroute, BGP-map) | DOWN |
67 73
| 4242421166 | dn42: http://lg.alcatrash.dn42/ | DOWN |
74
+| 4242421231 | dn42: http://lg.caesia.dn42 <br> ext: https://lg.caesia.net | UP |
75
+| 4242422016 | ext: https://dn42.sidereal.ca <br> dn42: https://lg.sidereal.dn42 | DOWN |
68 76
| 4242422342 | dn42: http://lg.gbe.dn42 <br> Semi-interactive (no traceroute, no ping) | DOWN |
69 77
| 4242422506 | dn42: http://www.as4242422506.dn42/ | DOWN |
70 78
| 4242423827 | ext: https://sky.nullroute.eu.org/dn42/lg/ <br> dn42: http://lg.nullroute.dn42 | DOWN |
71 79
| 4242423905 | ext: http://zeus.nowhere.ws/dn42/routes.cgi <br> dn42: http://zeus.nihilus.dn42/dn42/routes.cgi <br> Non-interactive (route listing only). | DOWN |
72
-| 4242423955 | dn42: http://lg.flo.dn42 | DOWN |
... ...
\ No newline at end of file
0
+| 4242423955 | dn42: http://lg.flo.dn42 | DOWN |
1
+| 4242423973 | dn42: http://lg.technopoint.dn42 <br> (traceroute, BGP-map) IPv4 only. | DOWN |
2
+| 4242423993 | ext: https://lg.2f30.org/ <br> IPv4 only. | DOWN |
services/Route-Collector.md
... ...
@@ -0,0 +1,127 @@
1
+# Global Route Collector
2
+
3
+The Global Route Collector (GRC) provides a real time view of routing and peering across DN42 and can be used to generate maps, stats or just query how routes are being propagated across the network.
4
+
5
+Technically the GRC is a [bird](https://bird.network.cz/) instance that anyone can peer with, it imports all routes whilst exporting none and provides a number of interfaces for querying the route data.
6
+
7
+Data from the GRC is used to generate some of the DN42 Maps (see the [[Internal Services|/internal/Internal-Services]] page).
8
+
9
+## Peering with the collector
10
+
11
+The collector uses the dynamic peering capability in Bird2 to allow anyone to peer with it without any new server side configuration being required. The collector relies on users peering with it across the network so the more peers the better and the more comprehensive the collector data will be.
12
+
13
+||Details|
14
+|:--|:--|
15
+| ASN | AS4242422602 |
16
+| Hostname | collector.dn42 |
17
+| IPv4 Address | 172.20.129.4 |
18
+| IPv6 Address | fd42:4242:2601:ac12::1 |
19
+
20
+### BGP Configuration
21
+
22
+ - Unlike normal DN42 peerings, you must enable multihop to peer with the collector
23
+ - The collector supports Multiprotocol BGP, so you don't need to configure separate IPv4 and IPv6 sessions
24
+ - Please enable the Add Paths BGP extension to export all available routes
25
+
26
+Example bird2 config:
27
+
28
+```text
29
+protocol bgp ROUTE_COLLECTOR
30
+{
31
+ local as ***YOUR_ASN***;
32
+ neighbor fd42:4242:2601:ac12::1 as 4242422602;
33
+
34
+ # enable multihop as the collector is not locally connected
35
+ multihop;
36
+
37
+ ipv4 {
38
+ # export all available paths to the collector
39
+ add paths tx;
40
+
41
+ # import/export filters
42
+ import none;
43
+ export filter {
44
+ # export all valid routes
45
+ if ( is_valid_network() && source ~ [ RTS_STATIC, RTS_BGP ] )
46
+ then {
47
+ accept;
48
+ }
49
+ reject;
50
+ };
51
+ };
52
+
53
+ ipv6 {
54
+ # export all available paths to the collector
55
+ add paths tx;
56
+
57
+ # import/export filters
58
+ import none;
59
+ export filter {
60
+ # export all valid routes
61
+ if ( is_valid_network_v6() && source ~ [ RTS_STATIC, RTS_BGP ] )
62
+ then {
63
+ accept;
64
+ }
65
+ reject;
66
+ };
67
+ };
68
+}
69
+```
70
+
71
+
72
+## Querying the collector
73
+
74
+### Looking Glass
75
+
76
+The collector runs a looking glass based on [bird-lg-go](https://github.com/xddxdd/bird-lg-go).
77
+
78
+ - [https://lg.collector.dn42/](https://lg.collector.dn42/)
79
+
80
+### MRT Dumps
81
+
82
+[MRT Dumps](https://tools.ietf.org/html/rfc6396) are produced by the collector every 10 minutes. Bird produces MRT dumps corresponding to tables, so two separate dumps are created, one for IPv4 (master4) and one for IPv6 (master6). The 10 minutes dumps are available for one week before being reduced down to one a day.
83
+
84
+ - [https://mrt.collector.dn42](https://mrt.collector.dn42)
85
+
86
+The latest dumps can always be found at the following URLs:
87
+
88
+ - [https://mrt.collector.dn42/master4_latest.mrt.bz2](https://mrt.collector.dn42/master4_latest.mrt.bz2)
89
+ - [https://mrt.collector.dn42/master6_latest.mrt.bz2](https://mrt.collector.dn42/master6_latest.mrt.bz2)
90
+
91
+### Prometheus Metrics
92
+
93
+The collector runs [bird_exporter](https://github.com/czerwonk/bird_exporter) and prometheus style metrics are available at the following URL:
94
+
95
+ - [http://collector.dn42:9324/metrics](http://collector.dn42:9324/metrics)
96
+
97
+### SSH Interface
98
+
99
+The collector bird instance can be queried directly using a birdc shell.
100
+
101
102
+
103
+```sh
104
105
+------------------------------------
106
+* DN42 Global Route Collector *
107
+------------------------------------
108
+* http://collector.dn42/
109
+
110
+This service provides a bird2 shell
111
+for querying the route collector
112
+
113
+Be nice, access is logged and
114
+abuse will not be tolerated
115
+------------------------------------
116
+BIRD burble-2.0.8-210322-1-ge6133456 ready.
117
+Access restricted
118
+bird> show route count
119
+bird> 297441 of 297441 routes for 502 networks in table master4
120
+286007 of 286007 routes for 427 networks in table master6
121
+1437 of 1437 routes for 1437 networks in table dn42_roa4
122
+1231 of 1231 routes for 1231 networks in table dn42_roa6
123
+Total: 586116 of 586116 routes for 3597 networks in 4 tables
124
+bird>
125
+
126
+```
127
+
services/Whois.md
... ...
@@ -62,7 +62,7 @@ See the page on [Registry Authentication](howto/Registry-Authentication)
62 62
# DNS interface
63 63
64 64
There is also a DNS-based interface to query AS information from the registry. The DNS zone is `asn.dn42`.
65
-A mirror is hosted at `asn.grmml.dn42`.
65
+Mirrors are hosted at `asn.grmml.dn42` and `asn.lorkep.dn42`.
66 66
67 67
Example:
68 68
services/dns/Configuration.md
... ...
@@ -47,7 +47,7 @@ zone "23.172.in-addr.arpa" {
47 47
zone "d.f.ip6.arpa" {
48 48
type forward;
49 49
forwarders { 172.20.0.53; fd42:d42:d42:54::1; };
50
-}
50
+};
51 51
```
52 52
53 53
**Note**: With DNSSEC enabled, bind might refuse to accept query results from the dn42 zone: `validating dn42/SOA: got insecure response; parent indicates it should be secure`.
... ...
@@ -92,7 +92,7 @@ Add this to /etc/powerdns/recursor.conf (at least in Debian and CentOS), the **f
92 92
93 93
```
94 94
dont-query=127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, ::1/128, fe80::/10
95
-forward-zones-recurse=dn42=172.20.0.53,hack=172.20.0.53,ffhh=172.20.0.53,ffac=172.20.0.53,020=172.20.0.53,adm=172.20.0.53,ffa=172.20.0.53,ffhb=172.20.0.53,ffc=172.20.0.53,ffda=172.20.0.53,ffdh=172.20.0.53,ff3l=172.20.0.53,fffl=172.20.0.53,ffffm=172.20.0.53,fffr=172.20.0.53,fffd=172.20.0.53,ffgl=172.20.0.53,fflln=172.20.0.53,ffbcd=172.20.0.53,ffbgl=172.20.0.53,ffgoe=172.20.0.53,ffgt=172.20.0.53,ffh=172.20.0.53,helgo=172.20.0.53,ffhef=172.20.0.53,ffj=172.20.0.53,ffka=172.20.0.53,ffki=172.20.0.53,ffhl=172.20.0.53,fflux=172.20.0.53,ffms=172.20.0.53,mueritz=172.20.0.53,ffnord=172.20.0.53,ffnw=172.20.0.53,ffoh=172.20.0.53,ffpb=172.20.0.53,ffpi=172.20.0.53,ffrade=172.20.0.53,ffrgb=172.20.0.53,ffrg=172.20.0.53,rzl=172.20.0.53,ffsaar=172.20.0.53,fftr=172.20.0.53,fftdf=172.20.0.53,ffwk=172.20.0.53,ffgro=172.20.0.53,ffwk=172.20.0.53,ffwp=172.20.0.53,ffw=172.20.0.53,20.172.in-addr.arpa=172.20.0.53,22.172.in-addr.arpa=172.20.0.53,23.172.in-addr.arpa=172.20.0.53,31.172.in-addr.arpa=172.20.0.53,c.f.ip6.arpa=172.20.0.53
95
+forward-zones-recurse=dn42=172.20.0.53,hack=172.20.0.53,ffhh=172.20.0.53,ffac=172.20.0.53,020=172.20.0.53,adm=172.20.0.53,ffa=172.20.0.53,ffhb=172.20.0.53,ffc=172.20.0.53,ffda=172.20.0.53,ffdh=172.20.0.53,ff3l=172.20.0.53,fffl=172.20.0.53,ffffm=172.20.0.53,fffr=172.20.0.53,fffd=172.20.0.53,ffgl=172.20.0.53,fflln=172.20.0.53,ffbcd=172.20.0.53,ffbgl=172.20.0.53,ffgoe=172.20.0.53,ffgt=172.20.0.53,ffh=172.20.0.53,helgo=172.20.0.53,ffhef=172.20.0.53,ffj=172.20.0.53,ffka=172.20.0.53,ffki=172.20.0.53,ffhl=172.20.0.53,fflux=172.20.0.53,ffms=172.20.0.53,mueritz=172.20.0.53,ffnord=172.20.0.53,ffnw=172.20.0.53,ffoh=172.20.0.53,ffpb=172.20.0.53,ffpi=172.20.0.53,ffrade=172.20.0.53,ffrgb=172.20.0.53,ffrg=172.20.0.53,rzl=172.20.0.53,ffsaar=172.20.0.53,fftr=172.20.0.53,fftdf=172.20.0.53,ffwk=172.20.0.53,ffgro=172.20.0.53,ffwk=172.20.0.53,ffwp=172.20.0.53,ffw=172.20.0.53,20.172.in-addr.arpa=172.20.0.53,21.172.in-addr.arpa=172.20.0.53,22.172.in-addr.arpa=172.20.0.53,23.172.in-addr.arpa=172.20.0.53,31.172.in-addr.arpa=172.20.0.53,c.f.ip6.arpa=172.20.0.53
96 96
```
97 97
98 98
## MaraDNS