Home Explore Help
Sign In
mark22k
/
dn42-wiki
mirror of https://codeberg.org/mark22k/dn42-wiki.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Branch: pages
Branches Tags
dn42-wiki
/
howto
/
Address-Space.html

Address-Space.html 11 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231 
  1. <!DOCTYPE html>
    2. 

  2. <html lang="en">
    3. 

  3.     <head>
    4. 

  4. <meta charset="UTF-8">
    5. 

  5. 

  6. 

  7. 

  8. <title>Address-space | dn42 wiki</title>
    9. 

  9. 

  10. <meta name="viewport" content="width=device-width, initial-scale=1.0">
    11. 

  11. <meta name="robots" content="index, follow">
    12. 

  12. <meta name="keywords" content="dn42,wiki,routing,bgp">
    13. 

  13. 

  14. <link rel="canonical" href="https://dn42.obl.ong/howto/Address-Space.html">
    15. 

  15. <link rel="icon" type="image/x-icon" href="/favicon.ico">
    16. 

  16. <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
    17. 

  17. 

  18. <link rel="author" type="text/html" href="/docs/people">
    19. 

  19. 

  20. <link rel="stylesheet" href="/css/normalize.css">
    21. 

  21. <link rel="stylesheet" href="/css/simple.min.css">
    22. 

  22. <link rel="stylesheet" href="/css/style.css">
    23. 

  23. <link rel="stylesheet" href="/css/menu.css">
    24. 

  24. 

  25. 

  26. </head>
    27. 

  27.     
    28. 

  28.     <body>
    29. 

  29. 

  30.         <header>
    31. 

  31. 

  32. 

  33. <b>dn42 wiki / Address-space</b>
    34. 

  34. 

  35. <div id="dn42_header">
    36. 

  36.     
    37. 

  37.     <p><a href="/"><img src="/dn42.png" alt="dn42" /></a></p>
    38. 

  38. 

  39. </div>
    40. 

  40. </header>
    41. 

  41. 

  42.         <main>
    43. 

  43.             <p>DN42 uses network addresses in the <a href="https://tools.ietf.org/html/rfc1918">rfc1918</a> and <a href="https://tools.ietf.org/html/rfc4193">ULA</a> ranges. These are described in detail within the sections below.</p>
    44. 

  44. 

  45. <p>The <a href="https://git.dn42.dev/dn42/registry">DN42 registry</a> is the authoritative source of information on address space assignment. Within the registry, the DN42 address space is divided in to blocks based on <em>policies</em> that define how the addresses may be used. Policies are defined in <code class="language-plaintext highlighter-rouge">inetnum</code> and <code class="language-plaintext highlighter-rouge">inet6num</code> objects and can be:</p>
    46. 

  46. 

  47. <ul>
    48. 

  48.   <li><strong>open</strong> - users may request prefixes in this range, subject to any constraints that are described in the <code class="language-plaintext highlighter-rouge">remark</code> attributes</li>
    49. 

  49.   <li><strong>closed</strong> - these ranges cannot be assigned</li>
    50. 

  50.   <li><strong>reserved</strong> - these ranges are reserved for future use</li>
    51. 

  51.   <li><strong>ask</strong> - these ranges are for specific uses, please ask on the mailing list before requesting assignments</li>
    52. 

  52. </ul>
    53. 

  53. 

  54. <p>A simple way to see all the active policies in the registry is to search the registry content for policy attributes:</p>
    55. 

  55. 

  56. <div class="language-sh highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nb">grep</span> <span class="nt">-r</span> ^policy data/inet<span class="o">{</span>,6<span class="o">}</span>num/
    57. 

  57. </code></pre></div></div>
    58. 

  58. 

  59. <p>The <a href="https://git.dn42.dev/dn42/registry/src/master/data/filter.txt">filter.txt</a> and <a href="https://git.dn42.dev/dn42/registry/src/master/data/filter6.txt">filter6.txt</a> files within the registry detail the network wide constraints on what address ranges are in use together with the global limits on what can be announced.</p>
    60. 

  60. 

  61. <p><code class="language-plaintext highlighter-rouge">inetnum</code> and <code class="language-plaintext highlighter-rouge">inet6num</code> objects within the registry are used to describe the allocation of address space to users. <code class="language-plaintext highlighter-rouge">route</code> and <code class="language-plaintext highlighter-rouge">route6</code> objects in the registry are used to validate routing announcements through <a href="/howto/Bird2#route-origin-authorization">ROA</a>.</p>
    62. 

  62. 

  63. <p>In addition to the native DN42 address ranges, the registry also contains allocations for the address space used by affiliate networks. These are updated by a regular <a href="https://git.dn42.dev/dn42/registry-sync">sync script</a>.</p>
    64. 

  64. 

  65. <p>Globally routable prefixes are not supported in DN42; they are denied via the registry filter{6,}.txt files and many networks will filter both announcements and traffic for prefixes that are outside of the allowable ranges.</p>
    66. 

  66. 

  67. <h1 id="ipv6-address-space">IPv6 Address Space</h1>
    68. 

  68. 

  69. <p>DN42 uses the fd00::/8 ULA range for IPv6 addresses. Apart from a block of addresses reserved for anycast (fd42:d42:d42::/48), the whole fd00::/8 block has an open policy and users are free to request any prefix in this range, that is not already allocated.</p>
    70. 

  70. 

  71. <p><strong>The DN42 registry is not authoritative for the fd00::/8 range</strong></p>
    72. 

  72. 

  73. <p>DN42 is interconnected with other networks, like icvpn, which also use the same ULA range and many users will also use this range for their own networks. A registration in the dn42 registry cannot prevent IPv6 conflicts, so a fully random prefix (see <a href="https://tools.ietf.org/html/rfc4193">RFC4193</a>) is strongly recommended. If an address conflict is found, then needing to renumber your network is no fun.</p>
    74. 

  74. 

  75. <h1 id="ipv4-address-space">IPv4 Address Space</h1>
    76. 

  76. 

  77. <p>DN42 uses the 172.20.0.0/14 range for IPv4 addresses. As with the public internet, IPv4 space is more limited and users are encouraged to conserve space where possible. A typical assignment in DN42 is a /27 and any requests for assignments larger than /24 must provide justification.</p>
    78. 

  78. 

  79. <p>Unlike the IPv6 address space, the DN42 IPv4 space is not fully open for assignment to users; some ranges are intended for specific uses and other ranges are reserved. See the policy section, below. Users should always check the policy in the registry before requesting a prefix to be assigned.</p>
    80. 

  80. 

  81. <p>There are other IPv4 ranges in use within DN42 related to the affiliate networks, see the <a href="https://git.dn42.dev/dn42/registry/src/master/data/filter.txt">filter.txt</a> file in the registry.</p>
    82. 

  82. 

  83. <h2 id="ipv4-policies">IPv4 Policies</h2>
    84. 

  84. 

  85. <p>The diagram below shows the allocation policies for the DN42 address space.</p>
    86. 

  86. 

  87. <p><img src="/howto/images/PolicyMap.png" alt="Policy Map Image" /></p>
    88. 

  88. 

  89. <p>Specific policy restrictions:</p>
    90. 

  90. 

  91. <table>
    92. 

  92.   <thead>
    93. 

  93.     <tr>
    94. 

  94.       <th>Prefix</th>
    95. 

  95.       <th>Usage</th>
    96. 

  96.     </tr>
    97. 

  97.   </thead>
    98. 

  98.   <tbody>
    99. 

  99.     <tr>
    100. 

  100.       <td>172.20.0.0/24<br />172.21.0.0/24<br />172.22.0.0/24<br />172.23.0.0/24</td>
    101. 

  101.       <td>Reserved for anycast addresses</td>
    102. 

  102.     </tr>
    103. 

  103.     <tr>
    104. 

  104.       <td>172.20.240.0/20<br />172.22.240.0/20</td>
    105. 

  105.       <td>Reserved for transfer networks</td>
    106. 

  106.     </tr>
    107. 

  107.     <tr>
    108. 

  108.       <td>172.20.64.0/18</td>
    109. 

  109.       <td>Reserved for allocations larger than /23, up to /21</td>
    110. 

  110.     </tr>
    111. 

  111.     <tr>
    112. 

  112.       <td>172.22.0.0/18</td>
    113. 

  113.       <td>Reserved for allocations of /24 or larger, up to /21</td>
    114. 

  114.     </tr>
    115. 

  115.     <tr>
    116. 

  116.       <td>172.23.16.0/21</td>
    117. 

  117.       <td>Closed to new allocations</td>
    118. 

  118.     </tr>
    119. 

  119.     <tr>
    120. 

  120.       <td>172.21.0.0/18<br />172.21.128.0/17<br />172.22.192.0/18</td>
    121. 

  121.       <td>Reserved for future use</td>
    122. 

  122.     </tr>
    123. 

  123.   </tbody>
    124. 

  124. </table>
    125. 

  125. 

  126. 

  127. 

  128. 

  129.             <div id="menu-container" class="menu-container">
    130. 

  130.                 <hr>
    131. 

  131.                 <div id="menu" class="menu">
    132. 

  132.                     
    133. 

  133.                     <ul>
    134. 

  134.   <li><a href="/Home">Home</a>
    135. 

  135.     <ul>
    136. 

  136.       <li><a href="/howto/Getting-Started">Getting Started</a></li>
    137. 

  137.       <li><a href="/howto/Registry-Authentication">Registry Authentication</a></li>
    138. 

  138.       <li><a href="/howto/Address-Space">Address Space</a></li>
    139. 

  139.       <li><a href="/howto/BGP-communities">BGP communities</a></li>
    140. 

  140.       <li><a href="/FAQ">FAQ</a></li>
    141. 

  141.     </ul>
    142. 

  142.   </li>
    143. 

  143.   <li>How-To
    144. 

  144.     <ul>
    145. 

  145.       <li><a href="/howto/wireguard">Wireguard</a></li>
    146. 

  146.       <li><a href="/howto/openvpn">Openvpn</a></li>
    147. 

  147.       <li><a href="/howto/IPsec-with-PublicKeys">IPsec With Public Keys</a></li>
    148. 

  148.       <li><a href="/howto/tinc">Tinc</a></li>
    149. 

  149.       <li><a href="/howto/GRE-on-FreeBSD">GRE on FreeBSD</a></li>
    150. 

  150.       <li><a href="/howto/GRE-on-OpenBSD">GRE on OpenBSD</a></li>
    151. 

  151.       <li><a href="/howto/IPv6-Multicast">IPv6 Multicast (PIM-SM)</a></li>
    152. 

  152.       <li><a href="/howto/multicast">SSM Multicast</a></li>
    153. 

  153.       <li><a href="/howto/mpls">MPLS</a></li>
    154. 

  154.       <li><a href="/howto/Bird2">Bird2</a></li>
    155. 

  155.       <li><a href="/howto/frr">FRRouting</a></li>
    156. 

  156.       <li><a href="/howto/OpenBGPD">OpenBGPD</a></li>
    157. 

  157.       <li><a href="/howto/mikrotik">Mikrotik RouterOS</a></li>
    158. 

  158.       <li><a href="/howto/EdgeOS-Config">EdgeRouter</a></li>
    159. 

  159.       <li><a href="/howto/Static-routes-on-Windows">Static routes on Windows</a></li>
    160. 

  160.       <li><a href="/howto/networksettings">Universal Network Requirements</a></li>
    161. 

  161.       <li><a href="/howto/vyos1.4.x">VyOS</a></li>
    162. 

  162.       <li><a href="/howto/nixos">NixOS</a></li>
    163. 

  163.     </ul>
    164. 

  164.   </li>
    165. 

  165.   <li>Services
    166. 

  166.     <ul>
    167. 

  167.       <li><a href="/services/IRC">IRC</a></li>
    168. 

  168.       <li><a href="/services/Whois">Whois registry</a></li>
    169. 

  169.       <li><a href="/services/DNS">DNS</a></li>
    170. 

  170.       <li><a href="/services/IX-Collection">IX Collection</a></li>
    171. 

  171.       <li><a href="/services/Clearnet-Domains">Public DNS</a></li>
    172. 

  172.       <li><a href="/services/Looking-Glasses">Looking Glasses</a></li>
    173. 

  173.       <li><a href="/services/Automatic-Peering">Automatic Peering</a></li>
    174. 

  174.       <li><a href="/services/Repository-Mirrors">Repository Mirrors</a></li>
    175. 

  175.       <li><a href="/services/Distributed-Wiki">Distributed Wiki</a></li>
    176. 

  176.       <li><a href="/services/Certificate-Authority">Certificate Authority</a></li>
    177. 

  177.       <li><a href="/services/Route-Collector">Route Collector</a></li>
    178. 

  178.     </ul>
    179. 

  179.   </li>
    180. 

  180.   <li>Internal
    181. 

  181.     <ul>
    182. 

  182.       <li><a href="/internal/Internal-Services">Internal services</a></li>
    183. 

  183.       <li><a href="/internal/Interconnections">Interconnections</a></li>
    184. 

  184.       <li><a href="/internal/APIs">APIs</a></li>
    185. 

  185.       <li><a href="/internal/ShowAndTell">Show and Tell</a></li>
    186. 

  186.       <li><a href="/internal/Historical-Services">Historical services</a></li>
    187. 

  187.     </ul>
    188. 

  188.   </li>
    189. 

  189.   <li>Historical
    190. 

  190.     <ul>
    191. 

  191.       <li><a href="/historical/Bird">Bird 1</a></li>
    192. 

  192.       <li><a href="/historical/Quagga">Quagga</a></li>
    193. 

  193.     </ul>
    194. 

  194.   </li>
    195. 

  195.   <li>External Tools
    196. 

  196.     <ul>
    197. 

  197.       <li><a href="https://paste.dn42.us">Paste Board</a></li>
    198. 

  198.       <li><a href="https://git.dn42.dev">Git Repositories</a></li>
    199. 

  199.     </ul>
    200. 

  200.   </li>
    201. 

  201. </ul>
    202. 

  202. 

  203. <hr />
    204. 

  204. 

  205. 

  206.                 </div>
    207. 

  207.             </div>
    208. 

  208.         </main>
    209. 

  209.         
    210. 

  210.         <footer><div class="center">
    211. 

  211.     <div id="dn42_footer">
    212. 

  212.         
    213. 

  213.         <table>
    214. 

  214.   <tbody>
    215. 

  215.     <tr>
    216. 

  216.       <td>Hosted by: <a href="mailto:dn42@burble.com">BURBLE-MNT</a>, <a href="mailto:nurtic-vibe@grmml.net">GRMML-MNT</a>, <a href="mailto:xuu@dn42.us">XUU-MNT</a>, <a href="mailto:janeric@ortgies.it">JAN-MNT</a>, <a href="mailto:lare@lare.cc">LARE-MNT</a>, <a href="mailto:danny@saru.moe">SARU-MNT</a>, <a href="mailto:androw95220@gmail.com">ANDROW-MNT</a>, <a href="mailto:dn42@mk16.de">MARK22K-MNT</a></td>
    217. 

  217.       <td>Accessible via: <a href="https://wiki.dn42">dn42</a>, <a href="https://dn42.dev/">dn42.dev</a>, <a href="https://dn42.eu/">dn42.eu</a>, <a href="https://wiki.dn42.us/">wiki.dn42.us</a>, <a href="https://dn42.de/">dn42.de</a> (IPv6-only), <a href="https://dn42.cc/">dn42.cc</a> (wiki-ng), <a href="https://dn42.wiki/">dn42.wiki</a>, <a href="https://dn42.pp.ua/">dn42.pp.ua</a>, <a href="https://dn42.obl.ong/">dn42.obl.ong</a></td>
    218. 

  218.     </tr>
    219. 

  219.   </tbody>
    220. 

  220. </table>
    221. 

  221. 

  222.     </div>
    223. 

  223. </div>
    224. 

  224. </footer>
    225. 

  225. 

  226.         
    227. 

  227. 

  228.     </body>
    229. 

  229. 

  230. </html>
    231. 

  231.