dn42-wiki/feed.xml

<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
    <title>dn42 wiki</title>
    <subtitle></subtitle>
    <updated>Sun, 18 Aug 2024 19:47:48 +0000</updated>
    <link rel="self" href="/feed.xml" />
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/IX-Collection</id>
        <content>
                             Name       Wiki Page       Related Link(s)                       IXP-frnte       IXP-frnte       N/A                 mcast-ix       mcast-ix       N/A                 SERNET-IX       SERNET-IX       https://blog.sherpherd.top/ix.html... /services/IX-Collection 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="/feed.xml" />
        <id>https://dn42.obl.ong/feed.xml</id>
        <content>
            {%- capture newline %} {% endcapture -%}       {{ site.title }}     {{ site.description }}     {{ site.time | date_to_rfc822 }}          {% for page in site.pages %}{% if page.sitemap %}              {{ page.title | xml_escape }}                  {{ ... /feed.xml 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="/" />
        <id>https://dn42.obl.ong/</id>
        <content>
            Redirecting to [/Home](/Home). ... / 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="/sitemap.xml" />
        <id>https://dn42.obl.ong/sitemap.xml</id>
        <content>
                  {% for page in site.pages %}{% if page.sitemap %}              {{ site.url | xml_escape }}{{ page.url | xml_escape }}          {% endif %}{% endfor %}  ... /sitemap.xml 
        </content>
    </entry>
    
    <entry>
        <title>How do I connect to DN42?</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/FAQ</id>
        <content>
            ## How do I connect to DN42?  We have a [page](/howto/Getting-Started) for that!   ### What BGP daemon should I use?  This is really up to you: that&apos;s the magic of open protocols.  Many users run Bird or FRRouting in a VPS, but there is a variety of ... /FAQ 
        </content>
    </entry>
    
    <entry>
        <title>About dn42</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/Home</id>
        <content>
            ## About dn42  dn42 is a big dynamic [VPN](https://en.wikipedia.org/wiki/Virtual_private_network), which employs Internet technologies ([BGP](https://en.wikipedia.org/wiki/Bgp), whois database, [DNS](https://en.wikipedia.org/wiki/Domain_Name_System),... /Home 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/Links</id>
        <content>
            This is a small list of links. Some of them are informative, some educational, some funny and some entertaining. You know a link you want to share? Then edit the page and add it!  Books: - [Computer Networks -Tanenbaum](https://github.com/gsahinpi/ac... /Links 
        </content>
    </entry>
    
    <entry>
        <title>Other Dark / Overlay Networks</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/Other</id>
        <content>
            # Other Dark / Overlay Networks  ## Other Lists  -  -  -  -  -   ## Anonymity  - **Tor** (The onion router) is an anonymity network that also features a darknet - its &quot;hidden services&quot;. It&apos;s the most popular instance of a darknet.  ## P2P / F2F / War... /Other 
        </content>
    </entry>
    
    <entry>
        <title>Contact</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/contact</id>
        <content>
            # Contact  Members of the dn42 network mostly communicate via IRC or the mailing list.  If you would like to contact an individual network operator, you will find contact information in the [Whois](/services/Whois) registry.  ## Mailing list  * is at... /contact 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/historical/Bird</id>
        <content>
            Bird is a commonly used BGP daemon.  This page provides configuration and help to run Bird for dn42. Compared to quagga, bird supports multiple routing tables, which is useful, if you also plan to peer with other federated networks such as freifunk. ... /historical/Bird 
        </content>
    </entry>
    
    <entry>
        <title>Quagga</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/historical/Quagga</id>
        <content>
            # Quagga  Quagga is probably one of the oldest software router around.  It still works, of course, even though it has an unattractive configuration syntax (unfortunately inspired by  [Cisco&apos;s IOS](/howto/IPsecWithPublicKeys/CiscoIOSExample)) and has ... /historical/Quagga 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Address-Space</id>
        <content>
            DN42 uses network addresses in the [rfc1918](https://tools.ietf.org/html/rfc1918) and [ULA](https://tools.ietf.org/html/rfc4193) ranges. These are described in detail within the sections below.   The [DN42 registry](https://git.dn42.dev/dn42/registry... /howto/Address-Space 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/BGP-communities</id>
        <content>
            Bird is a commonly used BGP daemon. This page provides configuration and help for using BGP communities with Bird for dn42.  Communities can be used to prioritize traffic based on different flags, in DN42 we are using communities to prioritize based ... /howto/BGP-communities 
        </content>
    </entry>
    
    <entry>
        <title>Installation notes</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Bird2</id>
        <content>
            # Installation notes This page is applicable to bird versions 2.x ## Arch Linux  The `extra/bird` package in the arch repositories will usually have a relatively recent version and there is (usually) no need for a manual install over the usual `# pac... /howto/Bird2 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/EMail</id>
        <content>
            Running email in dn42 is not very complicated.  Your SMTP daemon probably already listens on the wildcard address, so you mostly need to:  * open your firewall to allow TCP/25 from dn42 * setup DNS (MX records, or simply relevant A records) * configu... /howto/EMail 
        </content>
    </entry>
    
    <entry>
        <title>EdgeRouter Lite DN42 config example</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/EdgeOS-Config-Example</id>
        <content>
            # EdgeRouter Lite DN42 config example This is the config I (Felicitus) am running on an Ubiquiti EdgeRouter Lite (AS76197).  ## Features  * dn42 DNS * &quot;classic&quot; OpenVPN P2P (including the common &quot;comp-lzo&quot; option) * BGP * Some traffic-shaping rules f... /howto/EdgeOS-Config-Example 
        </content>
    </entry>
    
    <entry>
        <title>EdgeOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/EdgeOS-Config</id>
        <content>
            # EdgeOS    This document describes some possibilities for connecting to dn42 using an Ubiquiti EdgeRouter:  * IPv4/IPv6 tunnel via:     * OpenVPN - support built into EdgeOS already - covered below     * IPsec/IKEv2 - support built into EdgeOS alrea... /howto/EdgeOS-Config 
        </content>
    </entry>
    
    <entry>
        <title>EdgeOS GRE/IPsec config example</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/EdgeOS-GRE-IPsec-Example</id>
        <content>
            # EdgeOS GRE/IPsec config example This is an example configuration derived from the config used on a peering router in AS64746. It was created using EdgeOS version 1.5.0alpha1 on an EdgeRouter Lite.  ## Features * Zone-based firewall * BGP prefix fil... /howto/EdgeOS-GRE-IPsec-Example 
        </content>
    </entry>
    
    <entry>
        <title>GRE on FreeBSD</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/GRE-on-FreeBSD</id>
        <content>
            # GRE on FreeBSD  This page describes how to configure GRE tunnels on FreeBSD.  ## Requirements  * Root access to a FreeBSD system. * Loaded if_gre.ko or device gre * A static IPv4 address on both ends if you would like to preserve your sanity.  ## C... /howto/GRE-on-FreeBSD 
        </content>
    </entry>
    
    <entry>
        <title>Point-to-Point Layer 3 GRE tunnel interface</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/GRE-on-OpenBSD</id>
        <content>
            # Point-to-Point Layer 3 GRE tunnel interface This guide describes how to establish an unencrypted and unauthenticated IPv6-over-IPv6 tunnel on [OpenBSD](https://openbsd.org), see [gre(4) EXAMPLES](http://man.openbsd.org/gre.4#Point-to-Point_Layer_3_... /howto/GRE-on-OpenBSD 
        </content>
    </entry>
    
    <entry>
        <title>GRE+IPsec</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/GRE-plus-IPsec</id>
        <content>
            # GRE+IPsec  ## Why GRE? * [GRE](https://en.wikipedia.org/wiki/GRE) provides universal encapsulation on top of IP. * It has a smaller header than UDP. * GRE tunnels are processed in-kernel on *nix systems. * It&apos;s supported by hardware routers.  ## Wh... /howto/GRE-plus-IPsec 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Getting-Started</id>
        <content>
            You want to join dn42, but you don&apos;t know where to start. This guide gives general guidelines about dn42 and routing in general, but it assumes that you are knowledgeable with routing.  # Requirements  - you have at least one router running 24/7. Any... /howto/Getting-Started 
        </content>
    </entry>
    
    <entry>
        <title>IPsec on FreeBSD</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsec-on-FreeBSD</id>
        <content>
            # IPsec on FreeBSD  These instructions are for IPsec in transport mode not IPsec in tunnel mode. IPsec in tunnel mode requires a too tight coupling with the routing table for dynamic routing because the policies can only be specified based on source/... /howto/IPsec-on-FreeBSD 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsec-with-PublicKeys</id>
        <content>
            # IPsec with public key authentication ## Stop using pre-shared keys! ### Pre-shared keys suck, because _reasons_  *  __The key must be kept secret__, which means it must be shared only over a secure channel e.g. PGP, face-to-face *  Most implementat... /howto/IPsec-with-PublicKeys 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication on Cisco IOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/CiscoIOSExample</id>
        <content>
            # IPsec with public key authentication on Cisco IOS ## Setup ### Generate an RSA keypair _Note: You may already have completed this step, since it&apos;s required to enable SSH._  1. Configure a hostname and domain name.  ``` Router#conf t Router(config)#... /howto/IPsecWithPublicKeys/CiscoIOSExample 
        </content>
    </entry>
    
    <entry>
        <title>GRE + IPsec on Debian based distros</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/GRE-plus-IPsec-Debian</id>
        <content>
            # GRE + IPsec on Debian based distros  * Install racoon from ipsec-tools. * Define an IPsec security policy in /etc/ipsec-tools.conf * Load the IPsec security policy into the IPsec security policy database. * Configure the racoon daemon. * Configure ... /howto/IPsecWithPublicKeys/GRE-plus-IPsec-Debian 
        </content>
    </entry>
    
    <entry>
        <title>Introduction</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/OpenBSDExample</id>
        <content>
            # Introduction Here be dragons. This section should cover the basics: * IKEv1 * Three stages: Key distribution, IPSec setup, GRE setup * In theory, BGPd can set up IPSec flows itself, but we&apos;re not using that here because that prevents you from using... /howto/IPsecWithPublicKeys/OpenBSDExample 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/RacoonExample</id>
        <content>
            Quote from #dn42: `hexa: nobody runs racoon on their free will :)`.  See also [strongSwan](/howto/IPsecWithPublicKeys/strongSwan5Example)  The keys are generated with plainrsa-gen.  ``` Usage: plainrsa-gen [options]    -b bits       Generate  long RS... /howto/IPsecWithPublicKeys/RacoonExample 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication on Mikrotik RouterOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/RouterOSExample</id>
        <content>
            # IPsec with public key authentication on Mikrotik RouterOS ## Setup ### Generate an RSA keypair  ``` [admin@mtk1] &gt; /ip ipsec key [admin@mtk1] /ip ipsec key&gt; generate-key mykey key-size=4096 For key bigger than 1024bit this may take a while.. [admin... /howto/IPsecWithPublicKeys/RouterOSExample 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication on VyOS/EdgeOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/VyOSExample</id>
        <content>
            # IPsec with public key authentication on VyOS/EdgeOS ## Setup ### Generate an RSA keypair  ```sh ubnt@ubnt:~$ generate vpn rsa-key bits 4096 random /dev/urandom Generating rsa-key to /config/ipsec.d/rsa-keys/localhost.key  Your new local RSA key has... /howto/IPsecWithPublicKeys/VyOSExample 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication on strongSwan &amp;lt; 5.0.0</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/strongSwan4Example</id>
        <content>
            # IPsec with public key authentication on strongSwan  /etc/ipsec.d/private/mykey.pem root@debian:~# ipsec pki --pub --in /etc/ipsec.d/private/mykey.pem --outform pem &gt; /etc/ipsec.d/public/mykey.pub root@debian:~# echo &quot;: RSA mykey.pem&quot; &gt;&gt; /etc/ipsec.... /howto/IPsecWithPublicKeys/strongSwan4Example 
        </content>
    </entry>
    
    <entry>
        <title>IPsec with public key authentication on strongSwan &amp;gt;= 5.0.0</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPsecWithPublicKeys/strongSwan5Example</id>
        <content>
            # IPsec with public key authentication on strongSwan &gt;= 5.0.0 ## Setup ### Installation hints For IPsec with Public Keys you&apos;ll need the package _strongswan-plugin-pubkey_ installed.  Don&apos;t forget to disable selinux :) ### Generate an RSA keypair  ``... /howto/IPsecWithPublicKeys/strongSwan5Example 
        </content>
    </entry>
    
    <entry>
        <title>IPv6 Multicast</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPv6-Multicast</id>
        <content>
            # IPv6 Multicast  The following guide illustrates how to set up an IPv6 multicast router using [PIM-SM](https://en.wikipedia.org/wiki/Protocol_Independent_Multicast#Sparse_mode) (Protocol Independent Multicast in Sparse Mode) with your own personal m... /howto/IPv6-Multicast 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/IPv6</id>
        <content>
            _Work in progress_  ## Introduction  DN42 is a somewhat unique undertaking, and a great way to learn about networking and routing techs. If you feel like spicing the challenge up a bit, why not get familiar with IPv6 at the same time ?  There&apos;s nothi... /howto/IPv6 
        </content>
    </entry>
    
    <entry>
        <title>Number of routes by AS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Munin</id>
        <content>
            ## Number of routes by AS  IPv4: ```bash #!/bin/bash if [ &quot;$1&quot; = &quot;config&quot; ];then 	echo graph_title Number of routes 	echo graph_vlabel num. routes 	echo graph_category network 	echo graph_scale no 	for AS in $(ip r|sed &apos;s/.* dev //;s/ .*//&apos;|sort|uniq... /howto/Munin 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/OpenBGPD</id>
        <content>
            This guide describes a simple configuration for [OpenBGPD](https://openbgpd.org) running on [OpenBSD](https://openbsd.org). The [portable version](https://openbgpd.org/ftp.html) should run with little to no configuration changes on other operating sy... /howto/OpenBGPD 
        </content>
    </entry>
    
    <entry>
        <title>dn42 on OpenWRT</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/OpenWRT</id>
        <content>
            # dn42 on OpenWRT  This page gives hints on how to participate to dn42 with an OpenWRT router. It assumes Attitude Adjustment (12.09), but you can adapt it for other versions.  The intended target is a home router, acting as the default gateway for i... /howto/OpenWRT 
        </content>
    </entry>
    
    <entry>
        <title>What is ROA?</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/ROA-slash-RPKI</id>
        <content>
            ## What is ROA?  A Route Origination Authorization details which AS is authorised to advertise which originating IP prefixes. A ROA may also include prefix length information.  ## What is RPKI?  Resource Public Key Infrastructure is basically a frame... /howto/ROA-slash-RPKI 
        </content>
    </entry>
    
    <entry>
        <title>How Authentication Works</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Registry-Authentication</id>
        <content>
            # How Authentication Works  `auth` attributes within registry `mntner` objects define a public key that is used to verify the identity of the maintainer and prove that changes to registry objects are authorised.  When a pull request is submitted to t... /howto/Registry-Authentication 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/Static-routes-on-Windows</id>
        <content>
            Modern versions of Windows do not support OSPF and manually adding static routes every time after a reboot is annoying. Below is a batch script you can edit and run to help make adding routes easier. This script assumes that your BGP router and Windo... /howto/Static-routes-on-Windows 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/frr</id>
        <content>
            To quote from :  &gt; FRRouting (FRR) is a free and open source Internet routing protocol suite for Linux and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, LDP, BFD, Babel, PBR, OpenFabric and VRRP, with alpha support for EIGRP and NHRP.  It... /howto/frr 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/lglass</id>
        <content>
            lglass is a Python software package designed for Internet Registries like the DN42. You can generate zone files for DNS and rDNS IPv4/v6, and handle the registry. It is available on GitHub as free software:  ```sh $ git clone git://github.com/fritz07... /howto/lglass 
        </content>
    </entry>
    
    <entry>
        <title>How to connect to dn42 using Mikrotik RouterOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/mikrotik</id>
        <content>
            # How to connect to dn42 using Mikrotik RouterOS   ## Legend   * 1.1.1.1 - peer external IP  * 2.2.2.2 - your external IP  * A private /30 range for the GRE endpoints: 192.168.200.128/30  * 192.168.200.129 - remote GRE IPv4 address  * 192.168.200.130... /howto/mikrotik 
        </content>
    </entry>
    
    <entry>
        <title>How to setup Mikrotik with point-to-point /32 address on interfaces</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/mikrotik/ptp32</id>
        <content>
            # How to setup Mikrotik with point-to-point /32 address on interfaces  ## RouterOS issues   * RouterOS doesn&apos;t have direct Point-to-Point addresses.  * BGP doesn&apos;t resolve the next-hop for their routes using a rescursive route that uses a interface a... /howto/mikrotik/ptp32 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/mpls-bird2</id>
        <content>
            Original Article: [https://blog.sherpherd.top/2024/02/11/RunYourMPLSNetworkWithBIRD_en.html](https://blog.sherpherd.top/2024/02/11/RunYourMPLSNetworkWithBIRD_en.html)  # Intro Now, most tutorials about running MPLS on Linux are based on FRR. Because ... /howto/mpls-bird2 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/mpls</id>
        <content>
            mpls label switching is faster because it&apos;s a divide and conquer search in an ordered list, compared to routing, which is a longest prefix match, which is a search in a netmask deep tree  and doing just label switching, especially with multiple label... /howto/mpls 
        </content>
    </entry>
    
    <entry>
        <title>Multicast</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/multicast</id>
        <content>
            ## Multicast  RFC 8815 deprecated PIM-SM so PIM-SSM is the way to go!  ### Setup  For it to work, you&apos;ll need to do the following:   * Ask your peering to enable ipv4/ipv6 multicast AFI on your peering   * Set up IPv4/IPv6 PIM for the (s,g) joins to ... /howto/multicast 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/networksettings</id>
        <content>
            The first rule of dn42: Always disable `rp_filter`.   The second rule of dn42: Always disable `rp_filter`.   The third rule of dn42: Allow ip forwarding!  No seriously, in case some packets are dropped, first check if your settings are correct.  `rp_... /howto/networksettings 
        </content>
    </entry>
    
    <entry>
        <title>NixOS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/nixos</id>
        <content>
            # NixOS  NixOS is a declarative Linux distribution based on the Nix package Manager. In this post I&apos;ll explain how I setup dn42 in this environment. I currently only peer with wireguard and use bird2. NixOS uses configuration files to manage the syst... /howto/nixos 
        </content>
    </entry>
    
    <entry>
        <title>Example Configuration for direct peer to peer</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/openvpn</id>
        <content>
            # Example Configuration for direct peer to peer  * Replace `` with a self chosen name to identify this peer * Replace `` with either `udp` or `udp6`, depending if you reach your remote peer with ipv4 o ipv6 * Replace `` with the public ip address of ... /howto/openvpn 
        </content>
    </entry>
    
    <entry>
        <title>systemd-networkd configuration example</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/systemd-networkd-configuration-example</id>
        <content>
            # systemd-networkd configuration example This is the config that is used on ZOTAN Networks (AS4242422341). Full network configuration available on [my Git](https://git.zotan.dn42/zotan/dn42) (dn42) or alternatively [my Git](https://git.prod.zotan.net... /howto/systemd-networkd-configuration-example 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/tinc</id>
        <content>
            [Tinc](http://www.tinc-vpn.org/) is a meshing VPN daemon. It allows multiple parties to connect and discover each other independently, while minimizing points of failure. Tinc will use a bunch of nodes to build the network graph, which in return all ... /howto/tinc 
        </content>
    </entry>
    
    <entry>
        <title>VyOS 1.4.x sagitta</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/vyos1.4.x</id>
        <content>
            # VyOS 1.4.x sagitta VyOS is an open source software router.  It is feature rich and supports multiple deployment options such as physical hardware (Old PC&apos;s) or a VPC/VM.  The developers have a nightly rolling release that includes all the latest fe... /howto/vyos1.4.x 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/howto/wireguard</id>
        <content>
            To quote the [homepage](https://www.wireguard.io/):  &gt; WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive... /howto/wireguard 
        </content>
    </entry>
    
    <entry>
        <title>Application Programming Interfaces (APIs)</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/APIs</id>
        <content>
            # Application Programming Interfaces (APIs) This page can be useful if you are trying to automate something or if you are trying to retrieve data programmatically.  ### ASN Authentication Solution Authenticate your users by having them verify their A... /internal/APIs 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Achievements</id>
        <content>
            Add what you did in/for dn42, yet:  | Who     | #peerings | Bandwidth | DNS | Fileserver | Network service | Website   | |:------- |:--------- |:--------- |:--- |:---------- |:--------------- |:--------- | | allo    | 7 | 1 GBit/s          | auth. on... /internal/Achievements 
        </content>
    </entry>
    
    <entry>
        <title>Historical Services</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Historical-Services</id>
        <content>
            # Historical Services  **The services below were available on DN42 in the past.**  **This section exists to serve as an inspiration for people wanting to provide a service to the DN42 community.** ***  You can inspect the services status [on this pag... /internal/Historical-Services 
        </content>
    </entry>
    
    <entry>
        <title>Ideas</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Ideas</id>
        <content>
            # Ideas   … or the service that would make dn42 truly interesting for people (for non-technical reasons).  ## Criterias    - it should be difficult to setup on the Internet (for technical or legal reasons)   - it should interest people that are likel... /internal/Ideas 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Interconnections</id>
        <content>
            **This page lists the external Overlay Networks DN42 is connected to**  | Network                                                | IPv4 address space | IPv6 address space | TLDs | Remarks | |:-------------------------------------------------------|:-... /internal/Interconnections 
        </content>
    </entry>
    
    <entry>
        <title>Internal services</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Internal-Services</id>
        <content>
            # Internal services  You are asked to show some creativity in terms of network usage and content. ;)  ## Search engine  There is a search engine at [search.dn42](https://search.dn42) that can also be used to discover services and content. It attempts... /internal/Internal-Services 
        </content>
    </entry>
    
    <entry>
        <title>dn42 Show and Tell</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/ShowAndTell</id>
        <content>
            # dn42 Show and Tell  Let us know the most creative, best, strangest, complex, wierd or just plain fun setups that you&apos;ve created with dn42.  Document your mad setups in the categories below, with links to a full write up, photos and screenshots welc... /internal/ShowAndTell 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/internal/Tor</id>
        <content>
            [Tor](https://torproject.org/) ([dn42 mirror](http://tor.e-utp.dn42/)) is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential busin... /internal/Tor 
        </content>
    </entry>
    
    <entry>
        <title>Welcome to perchnet (AS4242422825)</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/perchnet</id>
        <content>
            # Welcome to perchnet (AS4242422825)  ## Introduction perchnet is a network on dn42. The goal of perchnet is to facilitate learning about and experimentation with various networking technologies, and linking up multiple sites in the &quot;hybrid&quot; and &quot;mul... /perchnet 
        </content>
    </entry>
    
    <entry>
        <title>DN42 ACME CA</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Automatic-CA</id>
        <content>
            DN42 ACME CA ==================  Certificates can be automatically generated with the [ACME-CA](https://burble.dn42/services/acme/) using [acme.sh](https://github.com/acmesh-official/acme.sh) or [lego](https://github.com/go-acme/lego) or [Caddy](http... /services/Automatic-CA 
        </content>
    </entry>
    
    <entry>
        <title>Automatic Peering</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Automatic-Peering</id>
        <content>
            # Automatic Peering  It is recommended to use the [DN42 Pingfinder](https://dn42.us/peers/) to find the network with the lowest latency to peer with.  ## Fully self-service  This list includes only systems that offer instant peering (fully self-servi... /services/Automatic-Peering 
        </content>
    </entry>
    
    <entry>
        <title>SSL Certificate Authority</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Certificate-Authority</id>
        <content>
            # SSL Certificate Authority  internal.dn42 is signed by an internally maintained CA that is only allowed to sign *.dn42 domains. If you would like to have a certificate signed by this CA there is [an automated process to do so](/services/Automatic-CA... /services/Certificate-Authority 
        </content>
    </entry>
    
    <entry>
        <title>DN42 Clearnet Domains</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Clearnet-Domains</id>
        <content>
            # DN42 Clearnet Domains  To provide services over the public internet some community members have contributed clearnet domain names to be used for DN42.  |Domain| |:--| |dn42.dev| |dn42.no|   DNS records for these domains are managed by a gitea repos... /services/Clearnet-Domains 
        </content>
    </entry>
    
    <entry>
        <title>DN42 DNS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/DNS</id>
        <content>
            # DN42 DNS  This page covers guidance and examples on using DNS within DN42.  ## Quick Start  It is recommended to run your own DNS resolver as this provides you with the most security and privacy.  However, to get started, or if running your own res... /services/DNS 
        </content>
    </entry>
    
    <entry>
        <title>this page is outdated and need update</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Distributed-Wiki</id>
        <content>
            # this page is outdated and need update  The idea is to deploy mirrors across dn42 using [anycast](https://en.wikipedia.org/wiki/Anycast) addressing (BGP), thus providing redundancy, load-balancing and improved access times to the wiki. Sites are pow... /services/Distributed-Wiki 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/E-Mail-Providers</id>
        <content>
            If you have an E-Mail service and would like to test it&apos;s functionality, send an email to [zane_reick@dmail.dn42](mailto:zane_reik@dmail.dn42). You will get a response usually within a few hours.  **Free E-Mail Addresses for DN42 Users.** * DN42 Mail... /services/E-Mail-Providers 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Exchanges</id>
        <content>
            In the real world two organizations have to lay cables to one another when they want to peer. This is why IXPs (Internet Exchange Points) or IXes (Internet Exchanges) for short exist. Instead of laying cables to one another, organizations lay cables ... /services/Exchanges 
        </content>
    </entry>
    
    <entry>
        <title>What’s FreePhone?</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/FreePhone</id>
        <content>
            # What&apos;s FreePhone? Where&apos;s the point in using a phone flat just for a single person? !FreePhone is a project aimed to develop a VPN wide SIP phone service. Calling german landline is possible at the moment, as well as local participants (eg. maxx). ... /services/FreePhone 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/IPv6-Anycast</id>
        <content>
            We provide some anycast services over IPv6.  ## Anycast address space  **fd42:d42:d42::/48** is reserved for anycast services.  Each anycast service runs on a dedicated /64 in this range.  This way, nobody needs to update filters.  Remember, if you a... /services/IPv6-Anycast 
        </content>
    </entry>
    
    <entry>
        <title>IRC</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/IRC</id>
        <content>
            # IRC &gt; TLDR: irc.hackint.dn42, #dn42  We have an IRC Chatroom on the [hackint-Network](https://www.hackint.org). It is reachable from within DN42, ChaosVPN and the public internet. A connection is only possible via TLS on port 6697.  | Network | Hos... /services/IRC 
        </content>
    </entry>
    
    <entry>
        <title>The IXP frnte</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/IXP-frnte</id>
        <content>
            The IXP frnte =============  An IXP is a collection point for Internet providers. This can be physical or virtual. In a physical IXP, several Internet providers place servers in a data center and connect them to each other.  In a virtual IXP, the ser... /services/IXP-frnte 
        </content>
    </entry>
    
    <entry>
        <title>Looking Glasses</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Looking-Glasses</id>
        <content>
            # Looking Glasses  This is the list of **looking glasses** available for the dn42 network. Some only display BGP information, while some others allow interactive queries (traceroute, details of a route, BGP-map visualisation, etc).  When a looking gl... /services/Looking-Glasses 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/New-DNS</id>
        <content>
            After frequent issues with the [Old Hierarchical DNS](/services/Old-Hierarchical-DNS) system in early 2018, work has started to build a new and more reliable DNS system. The main goals are: * Reliability and Consistency to avoid debugging very obscur... /services/New-DNS 
        </content>
    </entry>
    
    <entry>
        <title>List of Usenet servers</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/News</id>
        <content>
            # List of Usenet servers  | **Person** | **Status** | **Address**      | **Posting** | **Newsgroups**   | **Binaries** | |----|----|----|----|----|----| | welterde     | _down_       |  | _yes_       | Big 8, de.\*, alt.\* | _no_         | | UFO     ... /services/News 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Old-Hierarchical-DNS</id>
        <content>
            This information is now **deprecated**. Please check [New DNS](/services/New-DNS) for the current architecture.  ***  DNS in the global internet is designed as a tree starting from &quot;.&quot; and traveling outward in layers. Currently in DN42 dns is flat. T... /services/Old-Hierarchical-DNS 
        </content>
    </entry>
    
    <entry>
        <title>Original DNS (deprecated)</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Original-DNS-(deprecated)</id>
        <content>
            # Original DNS (deprecated) This information is now **deprecated**. Please check [New DNS](/services/New-DNS) for the current architecture.  ***  *(tl;dr)* We have a TLD for dn42, which is `.dn42`. The anycast resolver for `.dn42` runs on `172.20.0.5... /services/Original-DNS-(deprecated) 
        </content>
    </entry>
    
    <entry>
        <title>Pingables</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Pingables</id>
        <content>
            # Pingables  Pingable addresses are intended as a test of whether a network can be reached in principle. Furthermore, it is useful if they show an above-average uptime. Therefore it is recommended to operate them via Anycast. The following is a list ... /services/Pingables 
        </content>
    </entry>
    
    <entry>
        <title>Repository Mirrors</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Repository-Mirrors</id>
        <content>
            # Repository Mirrors  There are some mirrors available in DN42. All mirrors are subdomains of &quot;mirror.dn42&quot;. DNS Round-Robin is set up for Load Balancing.   ## Ubuntu  ****  Hosted by: * mephisto   ## mirror.yandex.ru proxy  **** ****  Hosted by: * n... /services/Repository-Mirrors 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Route-Beacon</id>
        <content>
            There is a route beacon periodically advertising and withdrawing the prefixes `172.21.100.24/29` and `fd40:e3b7:1d77:1234::/64`. These are the only prefixes of as4242421933. The schedule is the following: the prefixes are announced in every even (ces... /services/Route-Beacon 
        </content>
    </entry>
    
    <entry>
        <title>Global Route Collector</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Route-Collector</id>
        <content>
            # Global Route Collector  The Global Route Collector (GRC) provides a real time view of routing and peering across DN42 and can be used to generate maps, stats or just query how routes are being propagated across the network.   Technically the GRC is... /services/Route-Collector 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/SERNET-IX</id>
        <content>
            Placeholder.... /services/SERNET-IX 
        </content>
    </entry>
    
    <entry>
        <title>Statistics</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Statistics</id>
        <content>
            # Statistics   ## IRC  Channel statistics for #dn42@hackint are available at: .  ## Scripts  ### Number of prefixes for collectd  #### collectd.conf  ```conf LoadPlugin exec     Exec nobody &quot;/etc/collectd/bgp_prefixes-quagga.sh&quot;  ```  collectd refuse... /services/Statistics 
        </content>
    </entry>
    
    <entry>
        <title>Tahoe LAFS</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Tahoe-LAFS</id>
        <content>
            # Tahoe LAFS  ## The idea Tahoe-LAFS provides a distributed, reliable and crypted file system.  ## How? Some people run Tahoe-LAFS nodes, providing space. With clients files can be published and received to the cloud. Everything will be encrypted on ... /services/Tahoe-LAFS 
        </content>
    </entry>
    
    <entry>
        <title>Virtual Machines</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Virtual-Machines</id>
        <content>
            # Virtual Machines  Previously, some DN42 users had provided VMs to the community, but it is not known if any of these are currently active any more. The list of old providers is below the break.  ## burble.dn42  If you have a DN42 project but do not... /services/Virtual-Machines 
        </content>
    </entry>
    
    <entry>
        <title>Whois registry</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/Whois</id>
        <content>
            # Whois registry **aka** _The registry_ contains:    * AS numbers assignations   * Subnet assignations   * DNS root zone for `dn42.`  The registry is a git repository, hosted here: [https://git.dn42.dev/dn42/registry.git](https://git.dn42.dev/dn42/re... /services/Whois 
        </content>
    </entry>
    
    <entry>
        <title>Forwarder setup</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/dns/Configuration</id>
        <content>
            # Forwarder setup  Configuration of common resolver softwares to forward DNS queries for `.dn42` (and reverse DNS) IPv4 and IPv6 anycast services.  You can use any *.recursive-servers.dn42 (where * is a letter) for resolving .dn42 domains. The curren... /services/dns/Configuration 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/dns/External-DNS</id>
        <content>
            This page lists external DNS zones, provided by networks that are interconnected with dn42.  ## Authoritative nameservers   | **Network name** | **Contact** | **DNS zone** | **Reverse zone** | **Authoritative nameservers** | **Last update** | **Comme... /services/dns/External-DNS 
        </content>
    </entry>
    
    <entry>
        <title>DEPRECATED - Please have a look at Hierarchical DNS instead</title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/dns/Providing-Anycast-DNS</id>
        <content>
            # DEPRECATED - Please have a look at [Hierarchical DNS](/services/Old-Hierarchical-DNS) instead  You may want to participate in the anycast DNS cloud.  ## Configuration  Configuration requirements for all members of the anycast group are:  * maintain... /services/dns/Providing-Anycast-DNS 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/dns/Recursive-DNS-resolver</id>
        <content>
            If you want to run your own recursive DNS server, you must find upstream servers that are authoritative for the dn42 zones.  You may use some servers listed in the [table of anycast servers](/services/dns/Providing-Anycast-DNS#Persons-providing-anyca... /services/dns/Recursive-DNS-resolver 
        </content>
    </entry>
    
    <entry>
        <title></title>
        <link rel="alternate" href="" />
        <id>https://dn42.obl.ong/services/mcast-ix</id>
        <content>
            we&apos;re planning to have a mcast-ix.dn42 somewhere in the cloud at #dn42 for years now...  now we have a pull req with cosmetical issues only:   the main goal is to have a shared lan where ases can peer to each other with the following conditions: * pu... /services/mcast-ix 
        </content>
    </entry>
    
</feed>