| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381 |
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="UTF-8">
- <title>NixOS | dn42 wiki</title>
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
- <meta name="robots" content="index, follow">
- <meta name="keywords" content="dn42,wiki,routing,bgp">
- <link rel="canonical" href="https://dn42.obl.ong/howto/nixos.html">
- <link rel="icon" type="image/x-icon" href="/favicon.ico">
- <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
- <link rel="author" type="text/html" href="/docs/people">
- <link rel="stylesheet" href="/css/normalize.css">
- <link rel="stylesheet" href="/css/simple.min.css">
- <link rel="stylesheet" href="/css/style.css">
- <link rel="stylesheet" href="/css/menu.css">
- </head>
-
- <body>
- <header>
- <b>dn42 wiki / NixOS</b>
- <div id="dn42_header">
-
- <p><a href="/"><img src="/dn42.png" alt="dn42" /></a></p>
- </div>
- </header>
- <main>
- <h1 id="nixos">NixOS</h1>
- <p>NixOS is a declarative Linux distribution based on the Nix package Manager. In this post I’ll explain how I setup dn42 in this environment. I currently only peer with wireguard and use bird2. NixOS uses configuration files to manage the system state and has a builtin container module.</p>
- <h2 id="container-disclaimer">container disclaimer</h2>
- <p>I had a spare IPv4 Address so I decided to use a container without a NAT and keep my host “clean” from dn42 Wireguard Interfaces and IP routes. However it’s pain full to debug since nixos-rebuild restarts the container on every minor change. So every time you change a firewall rule or debug a DNS setting nixos-rebuild restarts the container before the change takes effect and since BGP is BGP, it can be really frustrating.</p>
- <p>You may also want to have a look at this <a href="https://github.com/NixOS/nixpkgs/issues/43652">Issue</a> and <a href="https://github.com/NixOS/nixpkgs/pull/80169">Pull Request</a></p>
- <p>If you still want to give it a try, here you’ll find some inspiration from my setup. You can also use some of these nix expression in a non-container environment.</p>
- <h2 id="building-the-container">Building the container</h2>
- <p>Defining the container environment is the base part of the setup. Beginning with network setup, Private Network disables the passthrough of Host Interfaces into the container and adds a bridged Interface to the host default Interface (e.g. eth0). The localAddress is the container side address and the hostAddress is the one the Host gets. Inside the <code class="language-plaintext highlighter-rouge">container.<name>.config</code>, you can basicly import the same nix expression as from the Host and don’t need to add some special container parts.</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">containers</span><span class="o">.</span><span class="nv">dn42</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">hostAddress</span> <span class="o">=</span> <span class="s2">"192.168.254.1"</span><span class="p">;</span> <span class="c"># Transfer Network</span>
- <span class="nv">hostAddress6</span> <span class="o">=</span> <span class="s2">"2001:db08::42"</span><span class="p">;</span> <span class="c"># Transfer Network</span>
- <span class="nv">localAddress</span> <span class="o">=</span> <span class="s2">"116.203.1.5"</span><span class="p">;</span>
- <span class="nv">localAddress6</span> <span class="o">=</span> <span class="s2">"2a01:4f8:c0c:4f7a::2/128"</span><span class="p">;</span>
- <span class="nv">privateNetwork</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">autoStart</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">config</span> <span class="o">=</span> <span class="p">{</span> <span class="nv">config</span><span class="p">,</span> <span class="nv">pkgs</span><span class="p">,</span> <span class="o">...</span> <span class="p">}:</span> <span class="p">{</span>
- <span class="nv">imports</span> <span class="o">=</span> <span class="p">[</span>
- <span class="sx">./peers</span> <span class="c"># Folder with a config for every Peer</span>
- <span class="sx">./dns.nix</span> <span class="c"># Bind with the litschi.dn42 zone deligated</span>
- <span class="sx">./bird.nix</span> <span class="c"># Bird config for BGP Routing</span>
- <span class="sx">./networking.nix</span> <span class="c"># Static Network configuration (with firewall)</span>
- <span class="sx">./nginx.nix</span> <span class="c"># nginx config for litschi.dn42</span>
- <span class="p">];</span>
- <span class="nv">environment</span><span class="o">.</span><span class="nv">systemPackages</span> <span class="o">=</span> <span class="kn">with</span> <span class="nv">pkgs</span><span class="p">;</span> <span class="p">[</span>
- <span class="c"># Network debug tools</span>
- <span class="nv">dnsutils</span>
- <span class="nv">mtr</span>
- <span class="nv">tcpdump</span>
- <span class="nv">wireguard-tools</span>
- <span class="p">];</span>
- <span class="p">}</span>
- <span class="p">}</span>
- </code></pre></div></div>
- <p>In theory the container should now be starting and you can get shell access with <code class="language-plaintext highlighter-rouge">sudo nixos-container root-login <name></code>.</p>
- <p>I mounted some host paths into the container for dns zone files and static homepage since the container is the only one providing .dn42 webservers.</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">containers</span><span class="o">.</span><span class="nv">dn42</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">bindMounts</span> <span class="o">=</span> <span class="p">{</span>
- <span class="s2">"/var/www/dn42"</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">hostPath</span> <span class="o">=</span> <span class="s2">"/var/www/dn42"</span><span class="p">;</span>
- <span class="nv">isReadOnly</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">mountPoint</span> <span class="o">=</span> <span class="s2">"/var/www/dn42"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="s2">"/var/dns/dn42"</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">hostPath</span> <span class="o">=</span> <span class="s2">"/var/dns/dn42"</span><span class="p">;</span>
- <span class="nv">isReadOnly</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">mountPoint</span> <span class="o">=</span> <span class="s2">"/var/dns"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="p">};</span>
- <span class="p">}</span>
- </code></pre></div></div>
- <h3 id="network-setup">Network Setup</h3>
- <p>As mentioned above, I got a spare public IPv4 Address, but by adding it as <code class="language-plaintext highlighter-rouge">localAddress</code>, the container Part is configured static enough. But to forward traffic between Intferfaces <code class="language-plaintext highlighter-rouge">/proc/sys/net/</code> should configured</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">boot</span><span class="o">.</span><span class="nv">kernel</span><span class="o">.</span><span class="nv">sysctl</span> <span class="o">=</span> <span class="p">{</span>
- <span class="s2">"net.ipv4.ip_forward"</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
- <span class="s2">"net.ipv6.conf.all.forwarding"</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span>
- <span class="p">};</span>
- </code></pre></div></div>
- <p>This allows our firewall to configure forwarding between peers and other tunnels. What is allowed to be forwarded can be configured in the firewall. Ferm has only few NixOS Options, but is pretty basic. Its configured with the <code class="language-plaintext highlighter-rouge">services.ferm.config</code> options, that contains just a string. Within this string there’s standard plain ferm config. Example config is attached below.
- If the dn42 address is not bound at any other Interface, you need to add it to the lo Interface to use it as source IP when routing via peers with dedicated transfer net.</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">networking</span><span class="o">.</span><span class="nv">interfaces</span><span class="o">.</span><span class="nv">lo</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">ipv4</span><span class="o">.</span><span class="nv">addresses</span> <span class="o">=</span> <span class="p">[</span>
- <span class="p">{</span>
- <span class="nv">address</span> <span class="o">=</span> <span class="s2">"172.23.73.65"</span><span class="p">;</span>
- <span class="nv">prefixLength</span> <span class="o">=</span> <span class="mi">32</span><span class="p">;</span>
- <span class="p">}</span>
- <span class="p">];</span>
- <span class="nv">ipv6</span><span class="o">.</span><span class="nv">addresses</span> <span class="o">=</span> <span class="p">[</span>
- <span class="p">{</span>
- <span class="nv">address</span> <span class="o">=</span> <span class="s2">"fd67:24bd:a1ea::1"</span><span class="p">;</span>
- <span class="nv">prefixLength</span> <span class="o">=</span> <span class="mi">128</span><span class="p">;</span>
- <span class="p">}</span>
- <span class="p">];</span>
- <span class="p">};</span>
- </code></pre></div></div>
- <h4 id="ferm-example">Ferm example</h4>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">services</span><span class="o">.</span><span class="nv">ferm</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">enable</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">config</span> <span class="o">=</span> <span class="s2">''</span><span class="err">
- </span><span class="s2"> domain ip table filter chain INPUT proto icmp ACCEPT;</span><span class="err">
- </span><span class="s2"> domain ip6 table filter chain INPUT proto (ipv6-icmp icmp) ACCEPT;</span><span class="err">
- </span><span class="s2"> domain (ip ip6) table filter {</span><span class="err">
- </span><span class="s2"> chain INPUT {</span><span class="err">
- </span><span class="s2"> policy DROP;</span><span class="err">
- </span><span class="s2"> interface lo ACCEPT;</span><span class="err">
- </span><span class="s2"> interface intern-+ ACCEPT;</span><span class="err">
- </span><span class="s2"> # website</span><span class="err">
- </span><span class="s2"> proto tcp dport (http https) ACCEPT;</span><span class="err">
- </span><span class="s2"> # wireguard</span><span class="err">
- </span><span class="s2"> proto udp dport ( <Wireguard Ports> ) ACCEPT;</span><span class="err">
- </span><span class="s2"> # bgp</span><span class="err">
- </span><span class="s2"> proto tcp dport (179) ACCEPT;</span><span class="err">
- </span><span class="s2"> # dns</span><span class="err">
- </span><span class="s2"> proto (udp tcp) dport domain ACCEPT;</span><span class="err">
- </span><span class="s2"> mod state state (INVALID) DROP;</span><span class="err">
- </span><span class="s2"> mod state state (ESTABLISHED RELATED) ACCEPT;</span><span class="err">
- </span><span class="s2"> }</span><span class="err">
- </span><span class="s2"> chain OUTPUT {</span><span class="err">
- </span><span class="s2"> policy ACCEPT;</span><span class="err">
- </span><span class="s2"> }</span><span class="err">
- </span><span class="s2"> chain FORWARD {</span><span class="err">
- </span><span class="s2"> policy DROP;</span><span class="err">
- </span><span class="s2"> # allow intern routing and dn42 forwarding</span><span class="err">
- </span><span class="s2"> interface dn42-+ outerface dn42-+ ACCEPT;</span><span class="err">
- </span><span class="s2"> interface intern-+ outerface intern-+ ACCEPT;</span><span class="err">
- </span><span class="s2"> interface intern-+ outerface dn42-+ ACCEPT;</span><span class="err">
- </span><span class="s2"> # but dn42 -> intern only with execptions</span><span class="err">
- </span><span class="s2"> interface dn42-+ outerface intern-+ {</span><span class="err">
- </span><span class="s2"> proto (ipv6-icmp icmp) ACCEPT; # Allow SSH Access from dn42 to devices behind intern-+ Interfaces</span><span class="err">
- </span><span class="s2"> proto tcp dport (ssh) ACCEPT;</span><span class="err">
- </span><span class="s2"> mod state state (ESTABLISHED) ACCEPT;</span><span class="err">
- </span><span class="s2"> }</span><span class="err">
- </span><span class="s2"> }</span><span class="err">
- </span><span class="s2"> }</span><span class="err">
- </span><span class="s2"> ''</span><span class="p">;</span>
- <span class="p">};</span>
- </code></pre></div></div>
- <h3 id="peering-with-wireguard">Peering with wireguard</h3>
- <p>Explained above, every peer gets a dedicated wireguard Interface and so a dedicated file. In the container config folder theres a peer subfolder and within a folder for dn42- (extern) Peers and intern- configs e.g. my Home Router or mobile devices.</p>
- <p>A sample wireguard config may look like this:</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="p">{</span><span class="nv">config</span><span class="p">,</span> <span class="nv">pkgs</span><span class="p">,</span> <span class="o">...</span><span class="p">}:</span>
- <span class="p">{</span>
- <span class="nv">networking</span><span class="o">.</span><span class="nv">wireguard</span><span class="o">.</span><span class="nv">interfaces</span><span class="o">.</span><span class="nv">dn42-peer</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">privateKey</span> <span class="o">=</span> <span class="s2">""</span><span class="p">;</span>
- <span class="nv">allowedIPsAsRoutes</span> <span class="o">=</span> <span class="kc">false</span><span class="p">;</span>
- <span class="nv">listenPort</span> <span class="o">=</span> <span class="mi">42420</span><span class="p">;</span>
- <span class="nv">peers</span> <span class="o">=</span> <span class="p">[</span>
- <span class="p">{</span>
- <span class="nv">publicKey</span> <span class="o">=</span> <span class="s2">""</span><span class="p">;</span>
- <span class="nv">allowedIPs</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"0.0.0.0/0"</span> <span class="s2">"::/0"</span> <span class="p">];</span>
- <span class="nv">endpoint</span> <span class="o">=</span> <span class="s2">"42.42.42.42:42421"</span><span class="p">;</span>
- <span class="p">}</span>
- <span class="p">];</span>
- <span class="nv">postSetup</span> <span class="o">=</span> <span class="s2">''</span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">iproute</span><span class="si">}</span><span class="s2">/bin/ip addr add 169.254.0.1/32 peer 169.254.0.0/32 dev dn42-peer</span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">iproute</span><span class="si">}</span><span class="s2">/bin/ip -6 addr add fe80::1220/64 dev dn42-peer</span><span class="err">
- </span><span class="s2"> ''</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="p">}</span>
- </code></pre></div></div>
- <p>As seen, the IP configuration is applied via ip-commands in the postSetup. This kinda works but isn’t a fancy solution. There’s room for improvements e.g. configuring static addresses and routes with networkd.</p>
- <h3 id="bgp-routing-with-bird2">BGP Routing with bird2</h3>
- <p>Like ferm, Bird2 is configured by <code class="language-plaintext highlighter-rouge">services.bird2.config</code> containing a string. In there the example bird2 config from <a href="/howto/Bird2">wiki.dn42</a> can be imported. Roa tables can be generated or downloaded from host providing them.</p>
- <h4 id="roa-updating-script">ROA Updating script</h4>
- <p>Sample example to update ROA’s :</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="p">{</span> <span class="nv">pkgs</span><span class="p">,</span> <span class="nv">lib</span><span class="p">,</span> <span class="o">...</span> <span class="p">}:</span>
- <span class="kd">let</span> <span class="nv">script</span> <span class="o">=</span> <span class="nv">pkgs</span><span class="o">.</span><span class="nv">writeShellScriptBin</span> <span class="s2">"update-roa"</span> <span class="s2">''</span><span class="err">
- </span><span class="s2"> mkdir -p /etc/bird/</span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">curl</span><span class="si">}</span><span class="s2">/bin/curl -sfSLR {-o,-z}/etc/bird/roa_dn42_v6.conf https://dn42.burble.com/roa/dn42_roa_bird2_6.conf</span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">curl</span><span class="si">}</span><span class="s2">/bin/curl -sfSLR {-o,-z}/etc/bird/roa_dn42.conf https://dn42.burble.com/roa/dn42_roa_bird2_4.conf</span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">bird2</span><span class="si">}</span><span class="s2">/bin/birdc c </span><span class="err">
- </span><span class="s2"> </span><span class="si">${</span><span class="nv">pkgs</span><span class="o">.</span><span class="nv">bird2</span><span class="si">}</span><span class="s2">/bin/birdc reload in all</span><span class="err">
- </span><span class="s2"> ''</span><span class="p">;</span>
- <span class="kn">in</span>
- <span class="p">{</span>
- <span class="nv">systemd</span><span class="o">.</span><span class="nv">timers</span><span class="o">.</span><span class="nv">dn42-roa</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">description</span> <span class="o">=</span> <span class="s2">"Trigger a ROA table update"</span><span class="p">;</span>
- <span class="nv">timerConfig</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">OnBootSec</span> <span class="o">=</span> <span class="s2">"5m"</span><span class="p">;</span>
- <span class="nv">OnUnitInactiveSec</span> <span class="o">=</span> <span class="s2">"1h"</span><span class="p">;</span>
- <span class="nv">Unit</span> <span class="o">=</span> <span class="s2">"dn42-roa.service"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="nv">wantedBy</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"timers.target"</span> <span class="p">];</span>
- <span class="nv">before</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"bird.service"</span> <span class="p">];</span>
- <span class="p">};</span>
- <span class="nv">systemd</span><span class="o">.</span><span class="nv">services</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">dn42-roa</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">after</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"network.target"</span> <span class="p">];</span>
- <span class="nv">description</span> <span class="o">=</span> <span class="s2">"DN42 ROA Updated"</span><span class="p">;</span>
- <span class="nv">unitConfig</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">Type</span> <span class="o">=</span> <span class="s2">"one-shot"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="nv">serviceConfig</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">ExecStart</span> <span class="o">=</span> <span class="s2">"</span><span class="si">${</span><span class="nv">script</span><span class="si">}</span><span class="s2">/bin/update-roa"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="p">};</span>
- <span class="p">};</span>
- <span class="p">}</span>
- </code></pre></div></div>
- <h3 id="bird-looking-glass">Bird Looking Glass</h3>
- <p>There is now (thanks to <a href="https://github.com/NixOS/nixpkgs/pull/153481">Tchekda</a>) a direct way to setup a looking glass for bird on Nixos. <a href="https://github.com/NixOS/nixpkgs/blob/3aab5ebd436023ca8343a84804d51cd227dd01dd/nixos/modules/services/networking/bird-lg.nix">Documentation</a> and sample :</p>
- <div class="language-nix highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">bird-lg</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">proxy</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">enable</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">allowedIPs</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"172.20.XX.XX"</span> <span class="s2">"172.20.XX.YY"</span> <span class="p">];</span>
- <span class="p">};</span>
- <span class="nv">frontend</span> <span class="o">=</span> <span class="p">{</span>
- <span class="nv">enable</span> <span class="o">=</span> <span class="kc">true</span><span class="p">;</span>
- <span class="nv">netSpecificMode</span> <span class="o">=</span> <span class="s2">"dn42"</span><span class="p">;</span>
- <span class="nv">servers</span> <span class="o">=</span> <span class="p">[</span> <span class="s2">"node1"</span> <span class="s2">"node2"</span> <span class="p">];</span>
- <span class="nv">domain</span> <span class="o">=</span> <span class="s2">"domain.dn42"</span><span class="p">;</span>
- <span class="p">};</span>
- <span class="p">};</span>
- </code></pre></div></div>
- <h3 id="services">Services</h3>
- <p>I also run services like a nameserver for .litschi.dn42 zones and a nginx webserver within this container. Since Host path for <code class="language-plaintext highlighter-rouge">/var/www/dn42</code> and <code class="language-plaintext highlighter-rouge">/var/dns/dn42</code> are booth binded into the container, zone config and e.g. website and be edited directly from Host without need the rebuild the hole container.</p>
- <h3 id="sample-configuration">Sample configuration</h3>
- <p>You can find a sample Wireguard + Bird configuration made by Tchekda ready for dn42 on <a href="https://github.com/Tchekda/nixos-configuration/tree/master/llitt/dn42">this</a> repository</p>
- <div id="menu-container" class="menu-container">
- <hr>
- <div id="menu" class="menu">
-
- <ul>
- <li><a href="/Home">Home</a>
- <ul>
- <li><a href="/howto/Getting-Started">Getting Started</a></li>
- <li><a href="/howto/Registry-Authentication">Registry Authentication</a></li>
- <li><a href="/howto/Address-Space">Address Space</a></li>
- <li><a href="/howto/BGP-communities">BGP communities</a></li>
- <li><a href="/FAQ">FAQ</a></li>
- </ul>
- </li>
- <li>How-To
- <ul>
- <li><a href="/howto/wireguard">Wireguard</a></li>
- <li><a href="/howto/openvpn">Openvpn</a></li>
- <li><a href="/howto/IPsec-with-PublicKeys">IPsec With Public Keys</a></li>
- <li><a href="/howto/tinc">Tinc</a></li>
- <li><a href="/howto/GRE-on-FreeBSD">GRE on FreeBSD</a></li>
- <li><a href="/howto/GRE-on-OpenBSD">GRE on OpenBSD</a></li>
- <li><a href="/howto/IPv6-Multicast">IPv6 Multicast (PIM-SM)</a></li>
- <li><a href="/howto/multicast">SSM Multicast</a></li>
- <li><a href="/howto/mpls">MPLS</a></li>
- <li><a href="/howto/Bird2">Bird2</a></li>
- <li><a href="/howto/frr">FRRouting</a></li>
- <li><a href="/howto/OpenBGPD">OpenBGPD</a></li>
- <li><a href="/howto/mikrotik">Mikrotik RouterOS</a></li>
- <li><a href="/howto/EdgeOS-Config">EdgeRouter</a></li>
- <li><a href="/howto/Static-routes-on-Windows">Static routes on Windows</a></li>
- <li><a href="/howto/networksettings">Universal Network Requirements</a></li>
- <li><a href="/howto/vyos1.4.x">VyOS</a></li>
- <li><a href="/howto/nixos">NixOS</a></li>
- </ul>
- </li>
- <li>Services
- <ul>
- <li><a href="/services/IRC">IRC</a></li>
- <li><a href="/services/Whois">Whois registry</a></li>
- <li><a href="/services/DNS">DNS</a></li>
- <li><a href="/services/IX-Collection">IX Collection</a></li>
- <li><a href="/services/Clearnet-Domains">Public DNS</a></li>
- <li><a href="/services/Looking-Glasses">Looking Glasses</a></li>
- <li><a href="/services/Automatic-Peering">Automatic Peering</a></li>
- <li><a href="/services/Repository-Mirrors">Repository Mirrors</a></li>
- <li><a href="/services/Distributed-Wiki">Distributed Wiki</a></li>
- <li><a href="/services/Certificate-Authority">Certificate Authority</a></li>
- <li><a href="/services/Route-Collector">Route Collector</a></li>
- </ul>
- </li>
- <li>Internal
- <ul>
- <li><a href="/internal/Internal-Services">Internal services</a></li>
- <li><a href="/internal/Interconnections">Interconnections</a></li>
- <li><a href="/internal/APIs">APIs</a></li>
- <li><a href="/internal/ShowAndTell">Show and Tell</a></li>
- <li><a href="/internal/Historical-Services">Historical services</a></li>
- </ul>
- </li>
- <li>Historical
- <ul>
- <li><a href="/historical/Bird">Bird 1</a></li>
- <li><a href="/historical/Quagga">Quagga</a></li>
- </ul>
- </li>
- <li>External Tools
- <ul>
- <li><a href="https://paste.dn42.us">Paste Board</a></li>
- <li><a href="https://git.dn42.dev">Git Repositories</a></li>
- </ul>
- </li>
- </ul>
- <hr />
- </div>
- </div>
- </main>
-
- <footer><div class="center">
- <div id="dn42_footer">
-
- <table>
- <tbody>
- <tr>
- <td>Hosted by: <a href="mailto:dn42@burble.com">BURBLE-MNT</a>, <a href="mailto:nurtic-vibe@grmml.net">GRMML-MNT</a>, <a href="mailto:xuu@dn42.us">XUU-MNT</a>, <a href="mailto:janeric@ortgies.it">JAN-MNT</a>, <a href="mailto:lare@lare.cc">LARE-MNT</a>, <a href="mailto:danny@saru.moe">SARU-MNT</a>, <a href="mailto:androw95220@gmail.com">ANDROW-MNT</a>, <a href="mailto:dn42@mk16.de">MARK22K-MNT</a></td>
- <td>Accessible via: <a href="https://wiki.dn42">dn42</a>, <a href="https://dn42.dev/">dn42.dev</a>, <a href="https://dn42.eu/">dn42.eu</a>, <a href="https://wiki.dn42.us/">wiki.dn42.us</a>, <a href="https://dn42.de/">dn42.de</a> (IPv6-only), <a href="https://dn42.cc/">dn42.cc</a> (wiki-ng), <a href="https://dn42.wiki/">dn42.wiki</a>, <a href="https://dn42.pp.ua/">dn42.pp.ua</a>, <a href="https://dn42.obl.ong/">dn42.obl.ong</a></td>
- </tr>
- </tbody>
- </table>
- </div>
- </div>
- </footer>
-
- </body>
- </html>
|
