1
mirror of https://git.dn42.dev/wiki/wiki.git synced 2024-12-01 14:58:11 +01:00

rewrite all links to make wiki more compatiple with wiki-ng

use <http(s)://link> instead of plain http(s)://link

use absolute links + remove https://internal.dn42 and https//wiki.dn42
prefixes
This commit is contained in:
lare 2023-04-08 21:53:12 +02:00
parent 8239eb88a8
commit 4c127e7c98
56 changed files with 356 additions and 353 deletions

2
FAQ.md
View File

@ -69,7 +69,7 @@ In order to prevent this, you need to supply a different subnet range to the Doc
] ]
} }
``` ```
Note, I (@bri / AS4242422825) have only tested this with Docker version 23.0.0, build e92dd87. But it should work with any current version. I don't know how Swarm etc. networking works, this might need additional tweaking for other versions. (Referenced from https://straz.to/2021-09-08-docker-address-pools/ and https://docs.docker.com/network/bridge/ — I used this to get my `thelounge` container to connect to hackint.dn42.) Note, I (@bri / AS4242422825) have only tested this with Docker version 23.0.0, build e92dd87. But it should work with any current version. I don't know how Swarm etc. networking works, this might need additional tweaking for other versions. (Referenced from <https://straz.to/2021-09-08-docker-address-pools/> and <https://docs.docker.com/network/bridge/> — I used this to get my `thelounge` container to connect to hackint.dn42.)
### Can I update the wiki? ### Can I update the wiki?

View File

@ -76,7 +76,7 @@ The [Getting started](/howto/Getting-Started) page helps you to get your first n
## About this wiki ## About this wiki
This wiki is the main reference about dn42. It is available in read-only mode from the Internet [here](https://wiki.dn42.us) or [here](https://dn42.dev) or [here](https://dn42.tk) or [here](https://dn42.eu) or [here](https://dn42.wiki) or [here](https://dn42.cc) or [here (v6 only)](https://dn42.de) and for editing from within dn42, at [https://wiki.dn42](https://wiki.dn42) - [https](services/Certificate-Authority) required for editing. This wiki is the main reference about dn42. It is available in read-only mode from the Internet [here](https://wiki.dn42.us) or [here](https://dn42.dev) or [here](https://dn42.tk) or [here](https://dn42.eu) or [here](https://dn42.wiki) or [here](https://dn42.cc) or [here (v6 only)](https://dn42.de) and for editing from within dn42, at <https://wiki.dn42> - [https](services/Certificate-Authority) required for editing.
### DN42 Logo ### DN42 Logo

View File

@ -1,26 +1,26 @@
This is a small list of links. Some of them are informative, some educational, some funny and some entertaining. You know a link you want to share? Then edit the page and add it! This is a small list of links. Some of them are informative, some educational, some funny and some entertaining. You know a link you want to share? Then edit the page and add it!
Books: Books:
- https://github.com/gsahinpi/acm361/raw/master/Computer%20Networks%20-%20A%20Tanenbaum%20-%205th%20edition.pdf - [Computer Networks -Tanenbaum](https://github.com/gsahinpi/acm361/raw/master/Computer%20Networks%20-%20A%20Tanenbaum%20-%205th%20edition.pdf)
Tutorials: Tutorials:
- https://jlu5.com/blog/dn42-multiple-servers-ibgp-igps - [Multiple servers on dn42: iBGP and IGPs](https://jlu5.com/blog/dn42-multiple-servers-ibgp-igps)
- https://github.com/knorrie/network-examples - [Network Examples](https://github.com/knorrie/network-examples)
- https://bgpfilterguide.nlnog.net/ - [BGP Filter Guides](https://bgpfilterguide.nlnog.net/)
Examples and Blogs: Examples and Blogs:
- https://lantian.pub/en/page/dn42/ - [lantian's blog](https://lantian.pub/en/page/dn42/)
- https://github.com/jlu5/ansible-dn42 - [jlu5's dn42 config](https://github.com/jlu5/ansible-dn42)
Videos: Videos:
- English - English
- https://www.youtube.com/watch?v=oKyhrbG3sjI - [BGP Tutorial Massimiliano Stucchi, Tom Smyth ](https://www.youtube.com/watch?v=oKyhrbG3sjI)
- https://media.ccc.de/v/denog13-12617-local-pref-considered-evil - [local-pref considered evil ](https://media.ccc.de/v/denog13-12617-local-pref-considered-evil)
- German - German
- https://media.ccc.de/v/routingdays16-18-network_ip_basics - [Network / IP Basics OSI-Modell und Protokolle im Überblick](https://media.ccc.de/v/routingdays16-18-network_ip_basics)
- https://media.ccc.de/v/routingdays16-14-ibgp_fundamentals - [iBGP Fundamentals BGP im internen Netzwerk.](https://media.ccc.de/v/routingdays16-14-ibgp_fundamentals)
- https://media.ccc.de/v/routingdays16-10-e_bgp_fundamentals - [(e)BGP Fundamentals Route selection, AS path, prefix, metrics and state machine](https://media.ccc.de/v/routingdays16-10-e_bgp_fundamentals)
Funny: Funny:
- https://ipv6bingo.com/ - [ipv6bingo](https://ipv6bingo.com/)

View File

@ -2,11 +2,11 @@
## Other Lists ## Other Lists
- http://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region - <http://en.wikipedia.org/wiki/List_of_wireless_community_networks_by_region>
- http://en.wikipedia.org/wiki/Darknet_(networking) - <http://en.wikipedia.org/wiki/Darknet_(networking)>
https://en.wikipedia.org/wiki/Category:Anonymity_networks - <https://en.wikipedia.org/wiki/Category:Anonymity_networks>
- http://anonet2.biz/List%20of%20Anonymous%20Networks - <http://anonet2.biz/List%20of%20Anonymous%20Networks>
- https://en.wikipedia.org/wiki/Anonymous_P2P - <https://en.wikipedia.org/wiki/Anonymous_P2P>
## Anonymity ## Anonymity
@ -43,7 +43,7 @@ OneSwarm can be run as a darknet for friend-to-friend file-sharing.
- **CRXN** - **CRXN**
## AnoNet ## AnoNet
A wiki page dedicated to the AnoNet Network: http://wiki.qontrol.nl/Anonet A wiki page dedicated to the AnoNet Network: <http://wiki.qontrol.nl/Anonet>
## TINC Clouds ## TINC Clouds

View File

@ -15,7 +15,7 @@ grep -r ^policy data/inet{,6}num/
The [filter.txt](https://git.dn42.dev/dn42/registry/src/master/data/filter.txt) and [filter6.txt](https://git.dn42.dev/dn42/registry/src/master/data/filter6.txt) files within the registry detail the network wide constraints on what address ranges are in use together with the global limits on what can be announced. The [filter.txt](https://git.dn42.dev/dn42/registry/src/master/data/filter.txt) and [filter6.txt](https://git.dn42.dev/dn42/registry/src/master/data/filter6.txt) files within the registry detail the network wide constraints on what address ranges are in use together with the global limits on what can be announced.
`inetnum` and `inet6num` objects within the registry are used to describe the allocation of address space to users. `route` and `route6` objects in the registry are used to validate routing announcements through [ROA](https://wiki.dn42/howto/Bird#route-origin-authorization). `inetnum` and `inet6num` objects within the registry are used to describe the allocation of address space to users. `route` and `route6` objects in the registry are used to validate routing announcements through [ROA](/howto/Bird#route-origin-authorization).
In addition to the native DN42 address ranges, the registry also contains allocations for the address space used by affiliate networks. These are updated by a regular [sync script](https://git.dn42.dev/dn42/registry-sync). In addition to the native DN42 address ranges, the registry also contains allocations for the address space used by affiliate networks. These are updated by a regular [sync script](https://git.dn42.dev/dn42/registry-sync).
@ -41,7 +41,7 @@ There are other IPv4 ranges in use within DN42 related to the affiliate networks
The diagram below shows the allocation policies for the DN42 address space. The diagram below shows the allocation policies for the DN42 address space.
![Policy Map Image](images/PolicyMap.png) ![Policy Map Image](/howto/images/PolicyMap.png)
Specific policy restrictions: Specific policy restrictions:

View File

@ -256,21 +256,21 @@ ROA files generated by [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsr
|URL|&nbsp;IPv4/IPv6&nbsp;|Description| |URL|&nbsp;IPv4/IPv6&nbsp;|Description|
|---|---|---| |---|---|---|
|[https://dn42.burble.com/roa/dn42_roa_46.json](https://dn42.burble.com/roa/dn42_roa_46.json) &nbsp; | &nbsp;Both&nbsp; | JSON format for use with RPKI | | <https://dn42.burble.com/roa/dn42_roa_46.json> &nbsp; | &nbsp;Both&nbsp; | JSON format for use with RPKI |
|[https://dn42.burble.com/roa/dn42_roa_bird1_46.conf](https://dn42.burble.com/roa/dn42_roa_bird1_46.conf) &nbsp; | &nbsp;Both&nbsp; | Bird1 format | | <https://dn42.burble.com/roa/dn42_roa_bird1_46.conf> &nbsp; | &nbsp;Both&nbsp; | Bird1 format |
|[https://dn42.burble.com/roa/dn42_roa_bird1_4.conf](https://dn42.burble.com/roa/dn42_roa_bird1_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird1 format | | <https://dn42.burble.com/roa/dn42_roa_bird1_4.conf> &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird1 format |
|[https://dn42.burble.com/roa/dn42_roa_bird1_6.conf](https://dn42.burble.com/roa/dn42_roa_bird1_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird1 format | | <https://dn42.burble.com/roa/dn42_roa_bird1_6.conf> &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird1 format |
|[https://dn42.burble.com/roa/dn42_roa_bird2_46.conf](https://dn42.burble.com/roa/dn42_roa_bird2_46.conf) &nbsp; | &nbsp;Both&nbsp; | Bird2 format | | <https://dn42.burble.com/roa/dn42_roa_bird2_46.conf> &nbsp; | &nbsp;Both&nbsp; | Bird2 format |
|[https://dn42.burble.com/roa/dn42_roa_bird2_4.conf](https://dn42.burble.com/roa/dn42_roa_bird2_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird2 format | | <https://dn42.burble.com/roa/dn42_roa_bird2_4.conf> &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird2 format |
|[https://dn42.burble.com/roa/dn42_roa_bird2_6.conf](https://dn42.burble.com/roa/dn42_roa_bird2_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird2 format | | <https://dn42.burble.com/roa/dn42_roa_bird2_6.conf> &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird2 format |
ROA files generated by [roa_wizard](https://git.dn42.dev/Kioubit/roa_wizard) are available: ROA files generated by [roa_wizard](https://git.dn42.dev/Kioubit/roa_wizard) are available:
|URL|&nbsp;IPv4/IPv6&nbsp;|Description| |URL|&nbsp;IPv4/IPv6&nbsp;|Description|
|---|---|---| |---|---|---|
|[https://kioubit-roa.dn42.dev/?type=v4](https://kioubit-roa.dn42.dev/?type=v4) &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird2 format | | <https://kioubit-roa.dn42.dev/?type=v4> &nbsp; | &nbsp;IPv4 Only&nbsp; | Bird2 format |
|[https://kioubit-roa.dn42.dev/?type=v6](https://kioubit-roa.dn42.dev/?type=v6) &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird2 format | | <https://kioubit-roa.dn42.dev/?type=v6> &nbsp; | &nbsp;IPv6 Only&nbsp; | Bird2 format |
|[https://kioubit-roa.dn42.dev/?type=json](https://kioubit-roa.dn42.dev/?type=json) &nbsp; | &nbsp;Both&nbsp; | JSON format for use with RPKI | | <https://kioubit-roa.dn42.dev/?type=json> &nbsp; | &nbsp;Both&nbsp; | JSON format for use with RPKI |
### Updating ROA tables ### Updating ROA tables
@ -429,5 +429,5 @@ bird> show route export <somepeer> # shows the route you export to someone
``` ```
# External Links # External Links
* detailed bird configuration from Mic92: https://github.com/Mic92/bird-dn42 * detailed bird configuration from Mic92: <https://github.com/Mic92/bird-dn42>
* more bird commands: https://bird.network.cz/?get_doc&v=20&f=bird-4.html * more bird commands: <https://bird.network.cz/?get_doc&v=20&f=bird-4.html>

View File

@ -6,10 +6,10 @@ The `extra/bird` package in the arch repositories will usually have a relatively
# Bird2 Version <2.0.8 / Debian # Bird2 Version <2.0.8 / Debian
Please note, that Bird2 versions before 2.0.8 don't support IPv6 extended nexthops for IPv4 destinations (https://bird.network.cz/pipermail/bird-users/2020-April/014412.html). Please note, that Bird2 versions before 2.0.8 don't support IPv6 extended nexthops for IPv4 destinations (<https://bird.network.cz/pipermail/bird-users/2020-April/014412.html>).
Additionally Bird2 before 2.0.8 cannot automatically update filtered bgp routes when an used RPKI source changes. Additionally Bird2 before 2.0.8 cannot automatically update filtered bgp routes when an used RPKI source changes.
Debian 11 Bullseye delivers Bird 2.0.7. But you can use the Debian Bullseye backport-repository which provides version 2.0.8 (see https://backports.debian.org/Instructions/ for adding backports repository and install packages from the repository). Debian 11 Bullseye delivers Bird 2.0.7. But you can use the Debian Bullseye backport-repository which provides version 2.0.8 (see <https://backports.debian.org/Instructions/> for adding backports repository and install packages from the repository).
# Example configuration # Example configuration

View File

@ -25,10 +25,10 @@
* At least one peer should operate his own (Sub-)CA. * At least one peer should operate his own (Sub-)CA.
## How to configure a GRE tunnel on FreeBSD ## How to configure a GRE tunnel on FreeBSD
See [GRE on FreeBSD](GRE-on-FreeBSD). See [GRE on FreeBSD](/howto/GRE-on-FreeBSD).
## How to configure IPsec on FreeBSD ## How to configure IPsec on FreeBSD
See [IPsec on FreeBSD](IPsec-on-FreeBSD). See [IPsec on FreeBSD](/howto/IPsec-on-FreeBSD).
## How to configure GRE + IPsec on Debian ## How to configure GRE + IPsec on Debian
See [GRE + IPsec on Debian](IPsecWithPublicKeys/GRE-plus-IPsec-Debian). See [GRE + IPsec on Debian](/howto/IPsecWithPublicKeys/GRE-plus-IPsec-Debian).

View File

@ -305,7 +305,7 @@ source: DN42
In dn42, there is no real distinction between peering and transit: in most cases, everybody serves as an upstream provider to all its peers. Note that if you have very slow connectivity to the Internet, you may want to avoid providing transit between your peers, which can be done by filtering or prepending your ASN. For the sake of sane routing, try to peer with people on the same continent to avoid inefficient routing, <50ms is a good rule of thumb. You can also look into Bird communities if you are using Bird to mark the latency for the [link](/howto/Bird-communities). In dn42, there is no real distinction between peering and transit: in most cases, everybody serves as an upstream provider to all its peers. Note that if you have very slow connectivity to the Internet, you may want to avoid providing transit between your peers, which can be done by filtering or prepending your ASN. For the sake of sane routing, try to peer with people on the same continent to avoid inefficient routing, <50ms is a good rule of thumb. You can also look into Bird communities if you are using Bird to mark the latency for the [link](/howto/Bird-communities).
You can use the peerfinder to help you find potential peers close to you: https://dn42.us/peers You can use the peerfinder to help you find potential peers close to you: <https://dn42.us/peers>
You can then contact them on IRC or by email. In case you're really at loss, you can also ask for peers on the mailing list. You can then contact them on IRC or by email. In case you're really at loss, you can also ask for peers on the mailing list.
@ -313,17 +313,17 @@ You can then contact them on IRC or by email. In case you're really at loss, you
Unless your dn42 peers are on the same network, you must establish tunnels. Choose anything you like: Wireguard, OpenVPN, GRE, GRE + IPSec, IPIP, Tinc, ... Unless your dn42 peers are on the same network, you must establish tunnels. Choose anything you like: Wireguard, OpenVPN, GRE, GRE + IPSec, IPIP, Tinc, ...
There is some documentation in this wiki, like [gre-plus-ipsec](GRE-plus-IPsec). There is some documentation in this wiki, like [gre-plus-ipsec](/howto/GRE-plus-IPsec).
## Running a routing daemon ## Running a routing daemon
You need a routing daemon to speak BGP with your peers. People usually run Quagga or Bird, but you may use anything (OpenBGPD, XORP, somebody even used an old [hardware router](BGP-on-Extreme-Summit1i) ). See the relevant [FAQ entry](/FAQ#frequently-asked-questions_what-bgp-daemon-should-i-use). You need a routing daemon to speak BGP with your peers. People usually run Quagga or Bird, but you may use anything (OpenBGPD, XORP, somebody even used an old [hardware router](BGP-on-Extreme-Summit1i) ). See the relevant [FAQ entry](/FAQ#frequently-asked-questions_what-bgp-daemon-should-i-use).
You can find [configuration examples for Bird here](Bird). You can find [configuration examples for Bird here](/howto/Bird).
## Configuration Examples ## Configuration Examples
* [Important Network configuration](networksettings) * [Important Network configuration](/howto/networksettings)
* VPN/Tunnel: * VPN/Tunnel:
* [Wireguard](/howto/wireguard) * [Wireguard](/howto/wireguard)
@ -334,10 +334,10 @@ You can find [configuration examples for Bird here](Bird).
* [Bird](/howto/Bird) * [Bird](/howto/Bird)
* [Quagga](/howto/Quagga) * [Quagga](/howto/Quagga)
* Router specific: * Router specific:
* [dn42 on OpenWRT](OpenWRT) * [dn42 on OpenWRT](/howto/OpenWRT)
* [EdgeOS Configuration](EdgeOS-Config-Example) * [EdgeOS Configuration](/howto/EdgeOS-Config-Example)
* [EdgeOS GRE/IPsec Example](EdgeOS-GRE-IPsec-Example) * [EdgeOS GRE/IPsec Example](/howto/EdgeOS-GRE-IPsec-Example)
* [BGP on Extreme Networks Summit 1i](BGP-on-Extreme-Summit1i) * [BGP on Extreme Networks Summit 1i](/howto/BGP-on-Extreme-Summit1i)
# Configure DNS # Configure DNS

View File

@ -7,9 +7,9 @@
* The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or * The [insecure][1] [IKE][2] [aggressive mode][3] must be used to support distinct PSKs for multiple dynamic peers, or
* All dynamic peers must use the same PSK in order to use the more secure IKE main mode * All dynamic peers must use the same PSK in order to use the more secure IKE main mode
[1]: http://www.sersc.org/journals/IJAST/vol8/2.pdf "Vulnerabilities of VPN using IPSec and Defensive Measures" [1]: <http://www.sersc.org/journals/IJAST/vol8/2.pdf> "Vulnerabilities of VPN using IPSec and Defensive Measures"
[2]: http://carnal0wnage.attackresearch.com/2011/12/aggressive-mode-vpn-ike-scan-psk-crack.html "Aggressive Mode VPN -- IKE-Scan, PSK-Crack, and Cain" [2]: <http://carnal0wnage.attackresearch.com/2011/12/aggressive-mode-vpn-ike-scan-psk-crack.html> "Aggressive Mode VPN -- IKE-Scan, PSK-Crack, and Cain"
[3]: http://rayas-security.blogspot.com/2013/06/ipsec-vpn-main-mode-vs-aggressive-mode.html "IPsec VPN, Main mode Vs Aggressive mode" [3]: <http://rayas-security.blogspot.com/2013/06/ipsec-vpn-main-mode-vs-aggressive-mode.html> "IPsec VPN, Main mode Vs Aggressive mode"
### Public keys are _better_ ### Public keys are _better_
* They can be transmitted over insecure channels without compromising security * They can be transmitted over insecure channels without compromising security
@ -31,7 +31,7 @@ Keep in mind that certificates are just public keys wrapped with some extra meta
### Conversion tool ### Conversion tool
Different implementations use different formats to represent public keys, and it's necessary to be able to convert between them. Here is a script for that purpose: Different implementations use different formats to represent public keys, and it's necessary to be able to convert between them. Here is a script for that purpose:
[https://raw.githubusercontent.com/zeroae/pubkey-converter/master/pubkey-converter.pl](https://raw.githubusercontent.com/zeroae/pubkey-converter/master/pubkey-converter.pl) <https://raw.githubusercontent.com/zeroae/pubkey-converter/master/pubkey-converter.pl>
### How-To examples ### How-To examples
| Implementation | Key format | | Implementation | Key format |
@ -44,13 +44,13 @@ Different implementations use different formats to represent public keys, and it
| [strongSwan < 5.0.0][e] | Base64 RFC 3110 | | [strongSwan < 5.0.0][e] | Base64 RFC 3110 |
| [VyOS/EdgeOS][g] | Base64 RFC 3110 | | [VyOS/EdgeOS][g] | Base64 RFC 3110 |
[a]: /howto/IPsecWithPublicKeys/CiscoIOSExample [a]: </howto/IPsecWithPublicKeys/CiscoIOSExample>
[b]: /howto/IPsecWithPublicKeys/RouterOSExample [b]: </howto/IPsecWithPublicKeys/RouterOSExample>
[c]: /howto/IPsecWithPublicKeys/OpenBSDExample [c]: </howto/IPsecWithPublicKeys/OpenBSDExample>
[d]: /howto/IPsecWithPublicKeys/RacoonExample [d]: </howto/IPsecWithPublicKeys/RacoonExample>
[e]: /howto/IPsecWithPublicKeys/strongSwan4Example [e]: </howto/IPsecWithPublicKeys/strongSwan4Example>
[f]: /howto/IPsecWithPublicKeys/strongSwan5Example [f]: </howto/IPsecWithPublicKeys/strongSwan5Example>
[g]: /howto/IPsecWithPublicKeys/VyOSExample [g]: </howto/IPsecWithPublicKeys/VyOSExample>
### Notes ### Notes
1. Best practice is to generate the private key on the router itself, and not transfer it to another machine. This part should be kept secret! 1. Best practice is to generate the private key on the router itself, and not transfer it to another machine. This part should be kept secret!

View File

@ -39,7 +39,7 @@ _Note: You may already have completed this step, since it's required to enable S
2. Convert your peer's public key to the hexadecimal DER format using the [pubkey-converter][pubkey-converter] script, if necessary. 2. Convert your peer's public key to the hexadecimal DER format using the [pubkey-converter][pubkey-converter] script, if necessary.
[pubkey-converter]: https://git.dn42.dev/ryan/pubkey-converter/raw/master/pubkey-converter.pl "Public key conversion script" [pubkey-converter]: <https://git.dn42.dev/ryan/pubkey-converter/raw/master/pubkey-converter.pl> "Public key conversion script"
## Configuration ## Configuration
### Configure the phase 1 IKE parameters ### Configure the phase 1 IKE parameters

View File

@ -33,7 +33,7 @@
3. Convert your peer's public key to the PEM format using the [pubkey-converter][pubkey-converter] script, if necessary. 3. Convert your peer's public key to the PEM format using the [pubkey-converter][pubkey-converter] script, if necessary.
[pubkey-converter]: https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl "Public key conversion script" [pubkey-converter]: <https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl> "Public key conversion script"
## Configuration ## Configuration
### Configure the phase 1 IKE parameters ### Configure the phase 1 IKE parameters

View File

@ -21,7 +21,7 @@
2. Convert your peer's public key to the Base64 RFC 3110 format using the [pubkey-converter][pubkey-converter] script, if necessary. 2. Convert your peer's public key to the Base64 RFC 3110 format using the [pubkey-converter][pubkey-converter] script, if necessary.
[pubkey-converter]: https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl "Public key conversion script" [pubkey-converter]: <https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl> "Public key conversion script"
## Configuration ## Configuration
### Configure the phase 1 IKE parameters ### Configure the phase 1 IKE parameters

View File

@ -28,7 +28,7 @@
2. Convert your peer's public key to the Base64 RFC 3110 format using the [pubkey-converter][pubkey-converter] script, if necessary. 2. Convert your peer's public key to the Base64 RFC 3110 format using the [pubkey-converter][pubkey-converter] script, if necessary.
[pubkey-converter]: https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl "Public key conversion script" [pubkey-converter]: <https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl> "Public key conversion script"
## Configuration ## Configuration
### Configure the phase 1 IKE parameters ### Configure the phase 1 IKE parameters

View File

@ -32,7 +32,7 @@ Don't forget to disable selinux :)
2. Convert your peer's public key to the PEM format using the [pubkey-converter][pubkey-converter] script, if necessary. 2. Convert your peer's public key to the PEM format using the [pubkey-converter][pubkey-converter] script, if necessary.
[pubkey-converter]: https://git.dn42.dev/ryan/pubkey-converter/raw/master/pubkey-converter.pl "Public key conversion script" [pubkey-converter]: <https://git.dn42.dev/ryan/pubkey-converter/raw/master/pubkey-converter.pl> "Public key conversion script"
## Configuration ## Configuration
### Configure the phase 1 IKE parameters ### Configure the phase 1 IKE parameters
@ -127,4 +127,4 @@ If your peer is using a Cisco router and is behind NAT, then you might need to a
rightid=NATIP rightid=NATIP
# See also # See also
* [Network settings](https://internal.dn42/howto/networksettings) * [Network settings](/howto/networksettings)

View File

@ -2,11 +2,11 @@
The following guide illustrates how to set up an IPv6 multicast router using [PIM-SM](https://en.wikipedia.org/wiki/Protocol_Independent_Multicast#Sparse_mode) (Protocol Independent Multicast in Sparse Mode) with your own personal multicast prefix. The following guide illustrates how to set up an IPv6 multicast router using [PIM-SM](https://en.wikipedia.org/wiki/Protocol_Independent_Multicast#Sparse_mode) (Protocol Independent Multicast in Sparse Mode) with your own personal multicast prefix.
rfc8815 deprecated pim-sm, please take a look at the new multicast page about pim-ssm: wiki.dn42/howto/multicast.md rfc8815 deprecated pim-sm, please take a look at the new multicast page about pim-ssm: </howto/multicast>
## Quickstart ## Quickstart
* Install pim6sd from here: https://github.com/troglobit/pim6sd/ * Install pim6sd from here: <https://github.com/troglobit/pim6sd/>
```sh ```sh
cd /usr/src cd /usr/src
git clone https://github.com/troglobit/pim6sd.git git clone https://github.com/troglobit/pim6sd.git

View File

@ -16,14 +16,14 @@ If you're already running IPv4 on DN42, here's how to get started:
* ??? * ???
* Profit! * Profit!
If not, you can follow the instructions on the [Getting Started](Getting-Started) page, as they'll mostly apply to IPv6 aswell. If not, you can follow the instructions on the [Getting Started](/howto/Getting-Started) page, as they'll mostly apply to IPv6 aswell.
## What can i do on DN42-v6 ? ## What can i do on DN42-v6 ?
A fair share of the services are available through IPv6. However some of the well known addresses might not work, so you'll have to find alternative services. A fair share of the services are available through IPv6. However some of the well known addresses might not work, so you'll have to find alternative services.
Quick list of some native-IPv6-capable services: Quick list of some native-IPv6-capable services:
* Anycast [whois.dn42](whois.dn42) * Anycast [whois.dn42](/services/whois)
* DNS, including anycast * DNS, including anycast
* Media boards, including DN42-Chan * Media boards, including DN42-Chan
* torrents.dn42 * torrents.dn42

View File

@ -36,7 +36,7 @@ fi
## Graph routes and activity for every neighbour ## Graph routes and activity for every neighbour
This munin-plugin makes it very easy to graph the announced routes and activity for each neighbour over time: This munin-plugin makes it very easy to graph the announced routes and activity for each neighbour over time:
https://github.com/luben/bird-multigraph-plugin <https://github.com/luben/bird-multigraph-plugin>
It's also possible to get notified by Munin when a problem with the peering persists. You have to define a critical value in line 138: It's also possible to get notified by Munin when a problem with the peering persists. You have to define a critical value in line 138:
``` ```
@ -54,4 +54,4 @@ graph_title $name routes
``` ```
Example installation: Example installation:
http://stats.tbspace.de/munin-cgi/munin-cgi-graph/tbspace.de/server.tbspace.de/dn42_crest_routes-day.png <http://stats.tbspace.de/munin-cgi/munin-cgi-graph/tbspace.de/server.tbspace.de/dn42_crest_routes-day.png>

View File

@ -109,12 +109,12 @@ ROA files generated by [dn42regsrv](https://git.dn42.dev/burble/dn42regsrv) are
|URL|&nbsp;IPv4/IPv6&nbsp;| |URL|&nbsp;IPv4/IPv6&nbsp;|
|---|---| |---|---|
|[https://dn42.burble.com/roa/dn42_roa_obgpd_46.conf](https://dn42.burble.com/roa/dn42_roa_obgpd_46.conf) &nbsp; | &nbsp;Both&nbsp; | | <https://dn42.burble.com/roa/dn42_roa_obgpd_46.conf> &nbsp; | &nbsp;Both&nbsp; |
|[https://dn42.burble.com/roa/dn42_roa_obgpd_4.conf](https://dn42.burble.com/roa/dn42_roa_obgpd_4.conf) &nbsp; | &nbsp;IPv4 Only&nbsp; | | <https://dn42.burble.com/roa/dn42_roa_obgpd_4.conf> &nbsp; | &nbsp;IPv4 Only&nbsp; |
|[https://dn42.burble.com/roa/dn42_roa_obgpd_6.conf](https://dn42.burble.com/roa/dn42_roa_obgpd_6.conf) &nbsp; | &nbsp;IPv6 Only&nbsp; | | <https://dn42.burble.com/roa/dn42_roa_obgpd_6.conf> &nbsp; | &nbsp;IPv6 Only&nbsp; |
`/etc/dn42.roa-set` is the generated set: `/etc/dn42.roa-set` is the generated set:
``` ```conf
roa-set { roa-set {
fd00:12:34::/48 source-as 4242421234 fd00:12:34::/48 source-as 4242421234
fd00:ab:cd::/44 maxlen 64 source-as 4242427890 fd00:ab:cd::/44 maxlen 64 source-as 4242427890
@ -132,4 +132,4 @@ include "/etc/dn42.roa-set"
This is mostly OpenBSD specific since [bgplg(8)](http://man.openbsd.org/bgplg.8) and [httpd(8)](http://man.openbsd.org/httpd.8) ship as part of the operating system. This is mostly OpenBSD specific since [bgplg(8)](http://man.openbsd.org/bgplg.8) and [httpd(8)](http://man.openbsd.org/httpd.8) ship as part of the operating system.
The **bgplg** manual contains the few steps and example [httpd.conf(5)](http://man.openbsd.org/httpd.conf.5) required to enable the looking glass. The **bgplg** manual contains the few steps and example [httpd.conf(5)](http://man.openbsd.org/httpd.conf.5) required to enable the looking glass.
See https://t4-2.high5.nl/bgplg for a running instance operating within DN42. See <https://t4-2.high5.nl/bgplg> for a running instance operating within DN42.

View File

@ -74,9 +74,9 @@ This is more tricky. In theory, all you have to do is to set
option forward ACCEPT option forward ACCEPT
in the definition of the zone. However, due to a bug in Attitude Adjustment (see https://dev.openwrt.org/ticket/12945), this will allow forwarding **everything everywhere**. in the definition of the zone. However, due to a bug in Attitude Adjustment (see <https://dev.openwrt.org/ticket/12945>), this will allow forwarding **everything everywhere**.
You have to use this patch: https://dev.openwrt.org/changeset/35484 (monkeypatching the relevant files in `/lib` should work). You have to use this patch: <https://dev.openwrt.org/changeset/35484> (monkeypatching the relevant files in `/lib` should work).
## DNS ## DNS

View File

@ -27,7 +27,7 @@ It is also possible to integrate this with a RTR cache server such as [gortr](ht
### dn42regsrv ### dn42regsrv
You can find a hosted example of dn42regsrv at https://explorer.burble.com/ You can find a hosted example of dn42regsrv at <https://explorer.burble.com/>
Instructions on how to host dn42regsrv yourself can be found on the git repo of [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv). Instructions on how to host dn42regsrv yourself can be found on the git repo of [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv).
@ -38,13 +38,13 @@ You can also run dn42regsrv via docker (then available at 127.0.0.1:8042):
./build.sh ./build.sh
docker-compose up -d docker-compose up -d
Documentation for the api endpoints can be found here: https://git.burble.com/burble.dn42/dn42regsrv/src/master/API.md Documentation for the api endpoints can be found here: <https://git.burble.com/burble.dn42/dn42regsrv/src/master/API.md>
### gortr ### gortr
burble kindly provides ready-to-use files for gortr here: burble kindly provides ready-to-use files for gortr here:
https://dn42.burble.com/roa/dn42_roa_46.json <https://dn42.burble.com/roa/dn42_roa_46.json>
You can use these to simply run gortr via docker: You can use these to simply run gortr via docker:
@ -72,12 +72,12 @@ This is a working configuration file for dn42. Maybe change the listen addresses
listen = ["0.0.0.0:323", "[::]:323"] listen = ["0.0.0.0:323", "[::]:323"]
unit = "dn42-json" unit = "dn42-json"
For more information cosult the official documentation: https://rtrtr.docs.nlnetlabs.nl/en/stable/ For more information cosult the official documentation: <https://rtrtr.docs.nlnetlabs.nl/en/stable/>
### Other tools / generators ### Other tools / generators
- bauen1's dn42-roagen: https://gitlab.com/bauen1/dn42-roagen - bauen1's dn42-roagen: <https://gitlab.com/bauen1/dn42-roagen>
- Kioubit's registry wizard: https://git.dn42.dev/Kioubit/RegistryWizard - Kioubit's registry wizard: <https://git.dn42.dev/Kioubit/RegistryWizard>
- chuangzhu's pure bash script: https://paste.sr.ht/~chuang/e98d2fe791de68a6cf5aade7877cd0dbc1cdb84e - chuangzhu's pure bash script: <https://paste.sr.ht/~chuang/e98d2fe791de68a6cf5aade7877cd0dbc1cdb84e>
### This is all to complicated, is there an easy all-in-one package for RTR? ### This is all to complicated, is there an easy all-in-one package for RTR?

View File

@ -22,7 +22,7 @@ between two ases, you can enable ipv4/ipv6 labeled-unicast address family
to do inter-as-mpls-vpn on top of it, you can enable rr-to-rr, asbr-to-asbr or rr-to-asbr vpnv4/vpnv6/vpls/evpn peerings to do inter-as-mpls-vpn on top of it, you can enable rr-to-rr, asbr-to-asbr or rr-to-asbr vpnv4/vpnv6/vpls/evpn peerings
more info at http://mpls.dn42/ or at http://mp.ls/ more info at <http://mpls.dn42/> or at <http://mp.ls/>
participating networks: participating networks:

View File

@ -30,7 +30,7 @@ current streams:
vlc rtp://172.23.199.110@232.2.3.2:1234/ vlc rtp://172.23.199.110@232.2.3.2:1234/
controllable at http://webdj.nop.dn42/ controllable at <http://webdj.nop.dn42/>
public multicast to unicast relay with vlc4 and above: public multicast to unicast relay with vlc4 and above:

View File

@ -168,7 +168,7 @@ As seen, the IP configuration is applied via ip-commands in the postSetup. This
### BGP Routing with bird2 ### BGP Routing with bird2
Like ferm, Bird2 is configured by ```services.bird2.config``` containing a string. In there the example bird2 config from [wiki.dn42](https://wiki.dn42/howto/Bird2) can be imported. Roa tables can be generated or downloaded from host providing them. Like ferm, Bird2 is configured by ```services.bird2.config``` containing a string. In there the example bird2 config from [wiki.dn42](/howto/Bird2) can be imported. Roa tables can be generated or downloaded from host providing them.
#### ROA Updating script #### ROA Updating script
@ -240,3 +240,4 @@ I also run services like a nameserver for .litschi.dn42 zones and a nginx webser
### Sample configuration ### Sample configuration
You can find a sample Wireguard + Bird configuration made by Tchekda ready for dn42 on [this](https://github.com/Tchekda/nixos-configuration/tree/master/llitt/dn42) repository You can find a sample Wireguard + Bird configuration made by Tchekda ready for dn42 on [this](https://github.com/Tchekda/nixos-configuration/tree/master/llitt/dn42) repository

View File

@ -187,7 +187,7 @@ Build the CA: `. vars`, `./build-ca`, then generate the server key: `./build-key
Then, for each client, generate a private key and a certificate: ```./build-key myclient```. The Common Name is the only important information (it will be used to identify the client, for instance in the logs). Then, for each client, generate a private key and a certificate: ```./build-key myclient```. The Common Name is the only important information (it will be used to identify the client, for instance in the logs).
# See also # See also
* [Network settings](https://internal.dn42/howto/networksettings) * [Network settings](/howto/networksettings)
# External Links # External Links
* multicast: * multicast:

View File

@ -1,7 +1,7 @@
# VyOS 1.4.x sagitta # VyOS 1.4.x sagitta
VyOS is an open source software router. It is feature rich and supports multiple deployment options such as physical hardware (Old PC's) or a VPC/VM. The developers have a nightly rolling release that includes all the latest features such as Wireguard. VyOS is an open source software router. It is feature rich and supports multiple deployment options such as physical hardware (Old PC's) or a VPC/VM. The developers have a nightly rolling release that includes all the latest features such as Wireguard.
It can be downloaded here https://www.vyos.io/rolling-release/. It can be downloaded here <https://www.vyos.io/rolling-release/>.
## Firewall Baseline ## Firewall Baseline
We will configure firewall access lists for inbound connections on our peer Wireguard interfaces as well as block all inbound connections to our router with the exception of BGP. This should be a good baseline firewall ruleset to filter inbound traffic on your networks edge. Modifications may be needed depending on your specific goals. If your router has an uplink back to a larger internal network (outside of DN42), an outbound firewall ruleset will need to be applied to that interface. We will configure firewall access lists for inbound connections on our peer Wireguard interfaces as well as block all inbound connections to our router with the exception of BGP. This should be a good baseline firewall ruleset to filter inbound traffic on your networks edge. Modifications may be needed depending on your specific goals. If your router has an uplink back to a larger internal network (outside of DN42), an outbound firewall ruleset will need to be applied to that interface.
@ -203,7 +203,7 @@ You can now check your BGP summary
## RPKI/ROA Checking ## RPKI/ROA Checking
### Setup RPKI Caching Server ### Setup RPKI Caching Server
Burble has made this super easy. More info can be found [here](https://wiki.dn42/howto/ROA-slash-RPKI) on this wiki. Get started by running the below command on a Linux server with Docker installed (VyOS now supports containers, but doesn't yet supports commands to pass to them... so we still need another machine to run GoRTR) Burble has made this super easy. More info can be found [here](/howto/ROA-slash-RPKI) on this wiki. Get started by running the below command on a Linux server with Docker installed (VyOS now supports containers, but doesn't yet supports commands to pass to them... so we still need another machine to run GoRTR)
``` ```
sudo docker run -ti -p 8082:8082 cloudflare/gortr -cache https://dn42.burble.com/roa/dn42_roa_46.json -verify=false -checktime=false -bind :8082 sudo docker run -ti -p 8082:8082 cloudflare/gortr -cache https://dn42.burble.com/roa/dn42_roa_46.json -verify=false -checktime=false -bind :8082

View File

@ -13,8 +13,8 @@ As well as the main REST API to the DN42 registry, the server can also generate
A public instance of the API and associated explorer web app is available at the following URLs: A public instance of the API and associated explorer web app is available at the following URLs:
https://explorer.burble.com/ (public internet link) <https://explorer.burble.com/> (public internet link)
https://explorer.collector.dn42/ (DN42 link) <https://explorer.collector.dn42/> (DN42 link)
https://explorer.dn42.pebkac.gr/ (public internet link) <https://explorer.dn42.pebkac.gr/> (public internet link)
https://explorer.pebkac.dn42/ (DN42 link) <https://explorer.pebkac.dn42/> (DN42 link)

View File

@ -9,7 +9,7 @@ You can inspect the services status [on this page](https://services.dn42)
## Network-related ## Network-related
* [net.smrsh.dn42/routes/d3js.html](http://net.smrsh.dn42/routes/d3js.html) aka 172.23.174.1 (dn42) or [dn42.smrsh.net/routes/d3js.html](http://dn42.smrsh.net/routes/d3js.html) (Internet) * [net.smrsh.dn42/routes/d3js.html](http://net.smrsh.dn42/routes/d3js.html) aka 172.23.174.1 (dn42) or [dn42.smrsh.net/routes/d3js.html](http://dn42.smrsh.net/routes/d3js.html) (Internet)
* Polynome has some nice scripts and visualizations here: http://dataviz.polynome.dn42/dn42-netblock-visu/registry.html * Polynome has some nice scripts and visualizations here: <http://dataviz.polynome.dn42/dn42-netblock-visu/registry.html>
* DN42 Toplevel domain DNS monitoring: [gatuno.dn42/dns](http://gatuno.dn42/dns) * DN42 Toplevel domain DNS monitoring: [gatuno.dn42/dns](http://gatuno.dn42/dns)
* Free DNS Hosting. You can host any toplevel or subdomain from dn42: [gatuno.dn42/managed](http://gatuno.dn42/managed/) * Free DNS Hosting. You can host any toplevel or subdomain from dn42: [gatuno.dn42/managed](http://gatuno.dn42/managed/)
* Nixnodes original Map of the network: [map.nixnodes.net](http://map.nixnodes.net) * Nixnodes original Map of the network: [map.nixnodes.net](http://map.nixnodes.net)
@ -41,41 +41,41 @@ Select "Disable Recursion" to check only entries found in the registry or leave
Currently this system only supports IPv4. Currently this system only supports IPv4.
http://mwd.dn42/dns.php <http://mwd.dn42/dns.php>
MWD will also provide a secondary DNS server and/or cacti monitoring of your devices. Just ask on IRC. More info: http://mwd.dn42 MWD will also provide a secondary DNS server and/or cacti monitoring of your devices. Just ask on IRC. More info: <http://mwd.dn42>
### Getting your current dn42 IPv4/IPv6 address ### Getting your current dn42 IPv4/IPv6 address
* What is my IP: [ip4.dn42](http://ip4.dn42/), [ip6.dn42](http://ip6.dn42/) * What is my IP: [ip4.dn42](http://ip4.dn42/), [ip6.dn42](http://ip6.dn42/)
* What is my IP: [whatismyip.dn42](http://whatismyip.dn42/) * What is my IP: [whatismyip.dn42](http://whatismyip.dn42/)
* http://wieistmeineip.dn42 provides a service like http://wieistmeineip.de, but for dn42. * <http://wieistmeineip.dn42> provides a service like <http://wieistmeineip.de>, but for dn42.
wieistmeineip.dn42 also provides a telnet service that returns the address you connected with. This service only shows you the address of the preferred protocol, but there are also ipv4.wieistmeineip.dn42 and ipv6.wieistmeineip.dn42 that accept only connections via IPv4/IPv6. wieistmeineip.dn42 also provides a telnet service that returns the address you connected with. This service only shows you the address of the preferred protocol, but there are also ipv4.wieistmeineip.dn42 and ipv6.wieistmeineip.dn42 that accept only connections via IPv4/IPv6.
* You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IPv6 address. It also returns information about your latency, netblock details, and route information. * You can also use <http://whatismyip.dn42> from inside dn42 to get your IPv4 and IPv6 address. It also returns information about your latency, netblock details, and route information.
* An alternative is available at https://ip.naive.network, which displays your clearnet and dn42 IP addresses. * An alternative is available at <https://ip.naive.network>, which displays your clearnet and dn42 IP addresses.
## Search engines ## Search engines
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:------------------------------------------------- |:-------------------------------------------------------- | |:------------------------------------------------- |:-------------------------------------------------------- |
| http://yacy.dn42 (OFFLINE 2020-01-18) | YaCy search engine. Indexing local nets | | <http://yacy.dn42> (OFFLINE 2020-01-18) | YaCy search engine. Indexing local nets |
| _Configuring Yacy Network settings:_ |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit) | | _Configuring Yacy Network settings:_ |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit) |
| http://mhm.dn42/search | Hosted by toBee | | <http://mhm.dn42/search> | Hosted by toBee |
## Radio and Video Streaming ## Radio and Video Streaming
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:------------------------------------------------- |:--------------------------------------------------------------- | |:------------------------------------------------- |:--------------------------------------------------------------- |
| https://invidious.doxz.dn42/ (BROKEN 2021-04-19) | Invidious instance with proxy (Youtube) | | <https://invidious.doxz.dn42/> (BROKEN 2021-04-19) | Invidious instance with proxy (Youtube) |
| http://stream.media.dn42/ | icecast-relay, contact toBee for more streams (DOWN 2020-11-02) | | <http://stream.media.dn42/> | icecast-relay, contact toBee for more streams (DOWN 2020-11-02) |
| http://radio.hex.dn42/ | Ambient musics | | <http://radio.hex.dn42/> | Ambient musics |
| https://yp.unknownts.dn42/ | A YellowPages for internet radio stations inside dn42 | | <https://yp.unknownts.dn42/> | A YellowPages for internet radio stations inside dn42 |
## Images, E-Books, Videos and other Media ## Images, E-Books, Videos and other Media
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:------------------------------------------------- |:-------------------------------------------------------- | |:------------------------------------------------- |:-------------------------------------------------------- |
| http://img.dn42 | Imagehoster | | <http://img.dn42> | Imagehoster |
| http://chan.dn42 | DN42-Chan, an imageboard | | <http://chan.dn42> | DN42-Chan, an imageboard |
## File Sharing ## File Sharing
@ -83,9 +83,9 @@ wieistmeineip.dn42 also provides a telnet service that returns the address you c
| Hostname / IP | Space | Speed | Remarks | | Hostname / IP | Space | Speed | Remarks |
|:----------------------------------------------------------- |:----- |:----------- |:---------------------------------- | |:----------------------------------------------------------- |:----- |:----------- |:---------------------------------- |
| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 | | <http://filer.mhm.dn42> | 4TB | 1GBit | 24/7/365 |
| http://data.0l.dn42 | 5TB | 1GBit | 24/7/365, download, dn42 MRT dumps | | <http://data.0l.dn42> | 5TB | 1GBit | 24/7/365, download, dn42 MRT dumps |
| http://seafile.dn42 | | | Opensource Dropbox, yay! | | <http://seafile.dn42> | | | Opensource Dropbox, yay! |
### Tahoe LAFS ### Tahoe LAFS
Some people runs [Tahoe LAFS](/services/Tahoe-LAFS) nodes to provide a secure decentralized crypted file storage but in dn42. Some people runs [Tahoe LAFS](/services/Tahoe-LAFS) nodes to provide a secure decentralized crypted file storage but in dn42.
@ -112,18 +112,18 @@ https://rest.dn42/
### Torrent Search Engine ### Torrent Search Engine
* https://magnetic.dn42 (DHT Search Engine) * <https://magnetic.dn42> (DHT Search Engine)
### Torrent Index ### Torrent Index
* http://torrents.dn42 * <http://torrents.dn42>
### Torrent Tracker ### Torrent Tracker
| Hostname / IP | Port | Protocol | Remarks | Announce URL | | Hostname / IP | Port | Protocol | Remarks | Announce URL |
|:---------------------|:-----|:------------|:---------------|:----------------------------------------| |:---------------------|:-----|:------------|:---------------|:----------------------------------------|
| tracker.mhm.dn42 | 6969 | TCP & UDP | Opentracker | http://tracker.mhm.dn42:6969/announce | | tracker.mhm.dn42 | 6969 | TCP & UDP | Opentracker | <http://tracker.mhm.dn42:6969/announce> |
| tracker.mhm.dn42 | 80 | TCP & UDP | Opentracker | http://tracker.mhm.dn42/announce | | tracker.mhm.dn42 | 80 | TCP & UDP | Opentracker | <http://tracker.mhm.dn42/announce> |
## NTP ## NTP
@ -139,36 +139,36 @@ Also check [Repository Mirrors](/services/Repository-Mirrors)
| Hostname / IP | What's Available: | Updates | Hostname / IP | What's Available: | Updates
|:------------------------------------------------- |:----------------------------------- |:----------------------------------- | |:------------------------------------------------- |:----------------------------------- |:----------------------------------- |
| http://debian.trunet.dn42 | Debian mirror | Each 6 hours | | <http://debian.trunet.dn42> | Debian mirror | Each 6 hours |
| http://ubuntu.trunet.dn42 | Ubuntu releases mirror | Each 4 hours | | <http://ubuntu.trunet.dn42> | Ubuntu releases mirror | Each 4 hours |
| http://archive.ubuntu.trunet.dn42 | Ubuntu archive mirror | Each 6 hours | | <http://archive.ubuntu.trunet.dn42> | Ubuntu archive mirror | Each 6 hours |
| http://centos.trunet.dn42 | CentOS mirror | Each 6 hours | | <http://centos.trunet.dn42> | CentOS mirror | Each 6 hours |
| ~~http://files.twink0r.dn42~~(OFFLINE 2016-08-24) | Debian, Ubuntu | | | ~~http://files.twink0r.dn42~~(OFFLINE 2016-08-24) | Debian, Ubuntu | |
| ~~http://freebsd.e-utp.dn42~~(OFFLINE 2016-08-24) | FreeBSD Homepage mirror | | | ~~http://freebsd.e-utp.dn42~~(OFFLINE 2016-08-24) | FreeBSD Homepage mirror | |
| http://mirrors.zhaofeng.dn42/archlinux | Arch Linux | Every hour | | <http://mirrors.zhaofeng.dn42/archlinux> | Arch Linux | Every hour |
## Misc ## Misc
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
| ------------------------------------------------- | ------------------------------------------------------------------------------ | | ------------------------------------------------- | ------------------------------------------------------------------------------ |
|https://bin.dn42 | AES-encrypted pastebin-like service ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | <https://bin.dn42> | AES-encrypted pastebin-like service ([zerobin](https://github.com/sebsauvage/ZeroBin)) |
| http://pastebin.trunet.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | <http://pastebin.trunet.dn42> | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) |
| ~~http://zerobin.e-utp.dn42~~ | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | ~~http://zerobin.e-utp.dn42~~ | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) |
| https://pad.dn42 | [Etherpad](http://etherpad.org) service for collaborative work | | <https://pad.dn42> | [Etherpad](http://etherpad.org) service for collaborative work |
| http://ip.synhacx.dn42 | Basic "whatismyip" service ([description](http://synhacx.dn42/showmyip)) | | <http://ip.synhacx.dn42> | Basic "whatismyip" service ([description](http://synhacx.dn42/showmyip)) |
| http://tor.e-utp.dn42 | Tor Project Homepage mirror | | <http://tor.e-utp.dn42> | Tor Project Homepage mirror |
| http://ngit.dn42 || | <http://ngit.dn42> ||
| nntp://news.blacksheep.dn42 | Martin's newsgroup server (ping MB-DN42 for a rw account or a nntp/uucp feed) | | nntp://news.blacksheep.dn42 | Martin's newsgroup server (ping MB-DN42 for a rw account or a nntp/uucp feed) |
| mumble://shard.smrsh.dn42:64738 | [Mumble](http://mumble.sourceforge.net/) Voice Chat | | mumble://shard.smrsh.dn42:64738 | [Mumble](http://mumble.sourceforge.net/) Voice Chat |
| ts3.kai-server.dn42 / ts3.fastnameserver.eu | Teamspeak 3 Server (also reachable over clearnet) | | ts3.kai-server.dn42 / ts3.fastnameserver.eu | Teamspeak 3 Server (also reachable over clearnet) |
| https://whois.rest.dn42/ | whois restful API | | <https://whois.rest.dn42/> | whois restful API |
| [pgp.dn42](http://pgp.dn42) | PGP keyserver, [synchronizes](http://pgp.dn42/pks/lookup?op=stats) with the SKS keyservers | | [pgp.dn42](http://pgp.dn42) | PGP keyserver, [synchronizes](http://pgp.dn42/pks/lookup?op=stats) with the SKS keyservers |
| https://git.dn42[.us] | Git Repository Hosting (Signup: email ssh pubkey to xuu@dn42.us) | | https://git.dn42[.us] | Git Repository Hosting (Signup: email ssh pubkey to xuu@dn42.us) |
| https://git.dn42[.us]/pubkeys/[username] | Get ssh public keys from Git Users of git.dn42. | | https://git.dn42[.us]/pubkeys/[username] | Get ssh public keys from Git Users of git.dn42. |
| http://teams.dn42[.us]/dn42 | Mattermost (Slack clone) instance: get notifications for wiki/CA changes here | | http://teams.dn42[.us]/dn42 | Mattermost (Slack clone) instance: get notifications for wiki/CA changes here |
| http://nowhere.ws/dn42 | Some random stuff concerning dn42, packages for Debian, e.g. Quagga | | <http://nowhere.ws/dn42> | Some random stuff concerning dn42, packages for Debian, e.g. Quagga |
| https://paste.weiti.dn42 | AES-encrypted pastebin-like (privatebin) | | <https://paste.weiti.dn42> | AES-encrypted pastebin-like (privatebin) |
## Gaming ## Gaming
@ -187,14 +187,14 @@ There is a page for email Providers [here](/services/E-Mail-Providers)
## ChaosVPN ## ChaosVPN
* Anybody can add services to this list, which will be monitored for uptime: http://10.100.44.1 * Anybody can add services to this list, which will be monitored for uptime: <http://10.100.44.1>
* Check your IP and reverse lookup: [ifconfig.hack](http://ifconfig.hack) * Check your IP and reverse lookup: [ifconfig.hack](http://ifconfig.hack)
* View of the network: http://vpnhub1-intern.hamburg.ccc.de/chaosvpn.png * View of the network: <http://vpnhub1-intern.hamburg.ccc.de/chaosvpn.png>
* List of nodes: http://vpnhub1-intern.hamburg.ccc.de/chaosvpn.nodes.html * List of nodes: <http://vpnhub1-intern.hamburg.ccc.de/chaosvpn.nodes.html>
## Freifunk ## Freifunk
### Augsburg ### Augsburg
We have a plugin that enables us to announce services in the mesh. So instead of listing them here again just have a look at http://10.11.0.8/cgi-bin/luci/freifunk/services to see what we have to offer. We have a plugin that enables us to announce services in the mesh. So instead of listing them here again just have a look at <http://10.11.0.8/cgi-bin/luci/freifunk/services> to see what we have to offer.
(Upload is not fast, most probably DSL speed only) (Upload is not fast, most probably DSL speed only)

View File

@ -35,8 +35,10 @@ n0emis maintains an [ACME server](https://acme.dn42) (with accompanying CA), com
#### API #### API
Results are in JSON format. Results are in JSON format.
```
http://ipip.map.dn42/whois?ip=[DN42_IP]&lang=en http://ipip.map.dn42/whois?ip=[DN42_IP]&lang=en
http://ipip.map.dn42/whois?asn=AS[DN42_ASN] http://ipip.map.dn42/whois?asn=AS[DN42_ASN]
```
#### Client #### Client
There is a client software using above apis to provide GeoIP-based traceroute. There is a client software using above apis to provide GeoIP-based traceroute.
@ -46,8 +48,8 @@ Windows only, no virus scan report available, but our DLL source is provided wit
**Since the original software is not open source, so use it at your own risk.** **Since the original software is not open source, so use it at your own risk.**
Preview: http://img.dn42/images/GEOTRACE42.jpg Preview: <http://img.dn42/images/GEOTRACE42.jpg><br>
Link: http://map.dn42/BestTrace42.zip Link: <http://map.dn42/BestTrace42.zip>
### ASN Authentication Solution ### ASN Authentication Solution
Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way. An example of this is the automatic peering system for the Kioubit Network. Authenticate your users by having them verify their ASN ownership with KIOUBIT-MNT using their registry-provided methods in an automated way. An example of this is the automatic peering system for the Kioubit Network.
@ -66,24 +68,24 @@ To use the service, please message Kioubit on IRC to have your domain activated
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:--------------|:--------| |:--------------|:--------|
| https://lounge.burble.dn42 | [thelounge](https://thelounge.chat/) for lurking on #dn42, see [burble.dn42 services](https://dn42.burble.com/home/burble-dn42-services). | | <https://lounge.burble.dn42> | [thelounge](https://thelounge.chat/) for lurking on #dn42, see [burble.dn42 services](https://dn42.burble.com/home/burble-dn42-services). |
| https://irc.pebkac.dn42 | [thelounge](https://thelounge.chat/) for lurking on #dn42, ask TOMKAP-DN42 for an account | | <https://irc.pebkac.dn42> | [thelounge](https://thelounge.chat/) for lurking on #dn42, ask TOMKAP-DN42 for an account |
## Images, E-Books, Videos and other Media ## Images, E-Books, Videos and other Media
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:------------------------------------------------- |:-------------------------------------------------------- | |:------------------------------------------------- |:-------------------------------------------------------- |
| http://j.munsternet.dn42 | Jellyfin instance with movies and TV shows (test). | | <http://j.munsternet.dn42> | Jellyfin instance with movies and TV shows (test). |
## Radio and Video Streaming ## Radio and Video Streaming
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
|:------------------------------------------------- |:-------------------------------------------------------------- | |:------------------------------------------------- |:-------------------------------------------------------------- |
| https://live.jerry.dn42/ | Live audio stream powered by mpd | | <https://live.jerry.dn42/> | Live audio stream powered by mpd |
| http://deep.radio.unknownts.dn42/ | Internet radio playing random music | | <http://deep.radio.unknownts.dn42/> | Internet radio playing random music |
| https://dn42:dn42@tv.munsternet.dn42/playlist | TV Channels Streaming | | <https://dn42:dn42@tv.munsternet.dn42/playlist> | TV Channels Streaming |
| http://icy.jones.dn42 | Home grown Icecast Radio covering a number of genres (HLS & Player coming soon [ish]!) | | <http://icy.jones.dn42> | Home grown Icecast Radio covering a number of genres (HLS & Player coming soon [ish]!) |
| http://rickroll.dn42 | Play Rickroll Video | <http://rickroll.dn42> | Play Rickroll Video
## File Sharing ## File Sharing
@ -103,16 +105,16 @@ Some [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Con
| Hostname / IP | Space | Speed | Remarks | | Hostname / IP | Space | Speed | Remarks |
|:----------------------------------------------------------- |:----- |:----------- |:---------------------------------------------- | |:----------------------------------------------------------- |:----- |:----------- |:---------------------------------------------- |
| http://files.nop.dn42 | | max 1Mbit/s | download only | | <http://files.nop.dn42> | | max 1Mbit/s | download only |
| http://rfc-editor.dn42 | | max 1Mbit/s | download only | | <http://rfc-editor.dn42> | | max 1Mbit/s | download only |
## VPN ## VPN
DN42 Network Access over Automatic Wireguard VPN Service (IPv6 only, fd00::/8) DN42 Network Access over Automatic Wireguard VPN Service (IPv6 only, fd00::/8)
provided by TheQ at https://dn42.0011.de/vpnusers provided by TheQ at <https://dn42.0011.de/vpnusers>
## Proxies ## Proxies
See http://wiki.hamburg.ccc.de/ChaosVPN:Proxy See <http://wiki.hamburg.ccc.de/ChaosVPN:Proxy>
### Telegram ### Telegram
A MTProxy server is available at [mtp.jerry.dn42:8044](https://t.me/proxy?server=mtp.jerry.dn42&port=8044&secret=ee1419944c0a129dbba2beb2636fcf361a616e64726f69642e676f6f676c65736f757263652e636f6d). A MTProxy server is available at [mtp.jerry.dn42:8044](https://t.me/proxy?server=mtp.jerry.dn42&port=8044&secret=ee1419944c0a129dbba2beb2636fcf361a616e64726f69642e676f6f676c65736f757263652e636f6d).
@ -173,8 +175,8 @@ Test out your skills with online challenges
| Start here | Remarks | | Start here | Remarks |
|:------------------------------------------------- |:---------------------------------- | |:------------------------------------------------- |:---------------------------------- |
| https://burble.dn42/services/ping/ | burble.dn42 ping challenge | | <https://burble.dn42/services/ping/> | burble.dn42 ping challenge |
| http://172.20.14.37:3333/ | Kioubit.dn42 challenge | | <http://172.20.14.37:3333/> | Kioubit.dn42 challenge |
@ -199,37 +201,37 @@ See also the [burble.dn42 website](https://dn42.burble.com/services/shell/) for
| Website | Description | | Website | Description |
| ------------------------------------------------- | ------------------------------------------------------------------------------ | | ------------------------------------------------- | ------------------------------------------------------------------------------ |
| https://burble.dn42/ | burble.dn42 website | | <https://burble.dn42/> | burble.dn42 website |
| http://www.marlinc.dn42/ | Marlinc website | | <http://www.marlinc.dn42/> | Marlinc website |
| [https://mk16de.bandura.dn42/](https://mk16de.bandura.dn42/) | Marek's site | | <https://mk16de.bandura.dn42/> | Marek's site |
| http://lpnet0.dn42/ | LAUNCHPAD-NETWORK official website | | <http://lpnet0.dn42/> | LAUNCHPAD-NETWORK official website |
## Misc ## Misc
| Hostname / IP | Remarks | | Hostname / IP | Remarks |
| ------------------------------------------------- | ------------------------------------------------------------------------------ | | ------------------------------------------------- | ------------------------------------------------------------------------------ |
|[https://bbs.dn42](https://bbs.dn42), [https://dn42bbs.0b1.me](https://dn42bbs.0b1.me) via Clearnet | A general BBS powered by Flarum for virtually any topics. Maintained by nicholascw.| | <https://bbs.dn42>, <https://dn42bbs.0b1.me> via Clearnet | A general BBS powered by Flarum for virtually any topics. Maintained by nicholascw.|
| http://www.nop.dn42/ | Basic "whatismyip" service | | <http://www.nop.dn42/> | Basic "whatismyip" service |
| http://freertr.dn42/ | freeRouter main site | | <http://freertr.dn42/> | freeRouter main site |
| http://sources.nop.dn42 | freeRouter source tree | | <http://sources.nop.dn42> | freeRouter source tree |
| http://webdj.nop.dn42/ | controller of the rtp://172.23.199.110@232.2.3.2:1234/ stream | | <http://webdj.nop.dn42/> | controller of the rtp://172.23.199.110@232.2.3.2:1234/ stream |
| http://fun.nop.dn42/ | some funny images and videos | | <http://fun.nop.dn42/> | some funny images and videos |
| http://pvrp.nop.dn42/ | a path vector igp main site | | <http://pvrp.nop.dn42/> | a path vector igp main site |
| http://lsrp.nop.dn42 | a link state igp main site | | <http://lsrp.nop.dn42> | a link state igp main site |
| http://hwp0rn.nop.dn42 | girls with switches and routers, a hwpr0n.se mirror | | <http://hwp0rn.nop.dn42> | girls with switches and routers, a hwpr0n.se mirror |
| http://paste.nop.dn42 | yet another paste service | | <http://paste.nop.dn42> | yet another paste service |
| http://rtros.nop.dn42/ | freeRouter distribution | | <http://rtros.nop.dn42/> | freeRouter distribution |
| http://ix.nop.dn42 | mcast-ix main site | | <http://ix.nop.dn42> | mcast-ix main site |
| http://mpls.dn42/ | a brief description of MPLS technology | | <http://mpls.dn42/> | a brief description of MPLS technology |
| http://wiki.dn42, http://internal.dn42 | This wiki! Git Repo hosted on git.dn42 | | <http://wiki.dn42>, <http://internal.dn42> | This wiki! Git Repo hosted on git.dn42 |
| http://jack.pyropeter.eu/dn42/routecount/ | Statistics about the number of v4/v6 routes seen by AS76115 (Since Aug. 2014) | | <http://jack.pyropeter.eu/dn42/routecount/> | Statistics about the number of v4/v6 routes seen by AS76115 (Since Aug. 2014) |
| https://p.pebkac.dn42/ | PasteBin Service (Netcat/Bash CLI Client) | | <https://p.pebkac.dn42/> | PasteBin Service (Netcat/Bash CLI Client) |
| https://sdr.pebkac.dn42/ | OpenWebRX SDR Receiver, FM/VHF/UHF Analog & Digital | | <https://sdr.pebkac.dn42/> | OpenWebRX SDR Receiver, FM/VHF/UHF Analog & Digital |
| http://www.marlinc.dn42/ | Marlinc website | | <http://www.marlinc.dn42/> | Marlinc website |
| https://urandom.catgirls.dn42/ | Message board | | <https://urandom.catgirls.dn42/> | Message board |
| [Clearnet](https://flapping.p2p-node.de/dashboard/), [dn42](https://flapping.bandura.dn42/dashboard), [NeoNetwork](https://flapping.bandura.neo/dashboard/) | FlapAlertedPro by Kioubit hosted by mark22k | | [Clearnet](https://flapping.p2p-node.de/dashboard/), [dn42](https://flapping.bandura.dn42/dashboard), [NeoNetwork](https://flapping.bandura.neo/dashboard/) | FlapAlertedPro by Kioubit hosted by mark22k |
| https://flaps.pebkac.dn42/ | FlapAlertedPro by Kioubit hosted by AS4242422092 | | <https://flaps.pebkac.dn42/> | FlapAlertedPro by Kioubit hosted by AS4242422092 |
| [Clearnet](https://monkic.mk16.de/), [dn42](https://monkic.mk16.de/) | Monkic (Game in German) | | [Clearnet](https://monkic.mk16.de/), [dn42](https://monkic.mk16.de/) | Monkic (Game in German) |
| [dn42](https://draw.bandura.dn42/),[NeoNetwork](http://draw.bandura.neo/), [CRXN](http://draw.bandura.crxn/) | Excalidraw instance | | [dn42](https://draw.bandura.dn42/),[NeoNetwork](http://draw.bandura.neo/), [CRXN](http://draw.bandura.crxn/) | Excalidraw instance |
@ -242,7 +244,7 @@ There is a list of E-Mail providers [here](/services/E-Mail-Providers)
## SIM cards / Home cable connections (in NL) ## SIM cards / Home cable connections (in NL)
For people in The Netherlands you can join cooperation ONT as member, our goal it is to give anyone the ability to be their own ISP with SIM cards and home connections. Allowing you to connect your own phone or home directly to DN42 and other networks. Interested? Check http://www.marlinc.dn42/ont/ For people in The Netherlands you can join cooperation ONT as member, our goal it is to give anyone the ability to be their own ISP with SIM cards and home connections. Allowing you to connect your own phone or home directly to DN42 and other networks. Interested? Check <http://www.marlinc.dn42/ont/>
# Other networks # Other networks
@ -250,6 +252,6 @@ For people in The Netherlands you can join cooperation ONT as member, our goal i
## Public Internet ## Public Internet
* https://mirror.frubar.net 100MBit * <https://mirror.frubar.net> 100MBit
* https://frucman.frubar.net * <https://frucman.frubar.net>

View File

@ -46,11 +46,11 @@ Document your mad setups in the categories below, with links to a full write up,
- 04dco: At a maximum theoretical speed of a whopping 28.8 Kbps, web browsing and IRC chatting were done. My site still loads faster than everyone else's :) - 04dco: At a maximum theoretical speed of a whopping 28.8 Kbps, web browsing and IRC chatting were done. My site still loads faster than everyone else's :)
![Screenshot of Windows XP while chatting on a familiar client](images/ircdun.png) ![Screenshot of Windows XP while chatting on a familiar client](/internal/images/ircdun.png)
- grawity: Lacking a physical modem, configured VirtualBox to attach the Windows 98 serial port to a TCP modem emulator at dialup.burble.dn42. Listening to a shoutcast stream of local FM radio station. - grawity: Lacking a physical modem, configured VirtualBox to attach the Windows 98 serial port to a TCP modem emulator at dialup.burble.dn42. Listening to a shoutcast stream of local FM radio station.
![Screenshot of Win98 showing "Connection Established"](images/win98dun.png) ![Screenshot of Win98 showing "Connection Established"](/internal/images/win98dun.png)
## Things that use dn42 ## Things that use dn42
- Fun stuff that you've done with dn42 - Fun stuff that you've done with dn42

View File

@ -42,7 +42,7 @@ _Note that the same warnings above also apply to the following proxies._
_Note that the same warnings above also apply to the following proxies._ _Note that the same warnings above also apply to the following proxies._
See https://blog.benjojo.co.uk/post/tor-onions-to-v6-with-iptables-proxy for more details See <https://blog.benjojo.co.uk/post/tor-onions-to-v6-with-iptables-proxy> for more details
| Suffix Change | Bandwidth | Contact | | Suffix Change | Bandwidth | Contact |
|---------------------------------------|-------------|-------------| |---------------------------------------|-------------|-------------|

View File

@ -41,8 +41,8 @@ User certificates are signed for 180 days. To renew follow the steps above start
Server certificates are signed for 45 days. To renew follow the steps above starting from number 3. Server certificates are signed for 45 days. To renew follow the steps above starting from number 3.
[keypin]: https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning [keypin]: <https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning>
[ca-mtn]: https://ca.dn42/reg/mntner/ [ca-mtn]: <https://ca.dn42/reg/mntner/>
*Certificate Revocations* *Certificate Revocations*
@ -70,7 +70,7 @@ Because the name constraint is "DNS:.dn42" it fails to validate.
[Read more on this mailing list thread][libssl-1] [Read more on this mailing list thread][libssl-1]
[libssl-1]: https://groups.google.com/forum/#!topic/mailing.openssl.dev/drG3U-S4iaE [libssl-1]: <https://groups.google.com/forum/#!topic/mailing.openssl.dev/drG3U-S4iaE>
### X.509 nameConstraints on certificates not supported on OS X ### X.509 nameConstraints on certificates not supported on OS X
@ -80,8 +80,8 @@ Browsers and clients that rely on Apple's [Secure Transport][osx-1] library does
Read more on this [stack exchange post][osx-2] Read more on this [stack exchange post][osx-2]
[osx-1]: https://developer.apple.com/library/mac/documentation/Security/Reference/secureTransportRef/ [osx-1]: <https://developer.apple.com/library/mac/documentation/Security/Reference/secureTransportRef/>
[osx-2]: http://security.stackexchange.com/a/97133 [osx-2]: <http://security.stackexchange.com/a/97133>
## How to Run ## How to Run

View File

@ -6,20 +6,20 @@ It is recommended to use the [DN42 Pingfinder](https://dn42.us/peers/) to find t
ASN | Network | Autopeer URL | ASN | Network | Autopeer URL |
:------------:|:--------:|--------------| :------------:|:--------:|--------------|
AS64719 | [lutoma](https://dn42.lutoma.org) | https://dn42.lutoma.org | AS64719 | [lutoma](https://dn42.lutoma.org) | <https://dn42.lutoma.org> |
AS4242420603 | [MolMoe Network](https://dn42.mol.moe) |https://dn42.mol.moe | AS4242420603 | [MolMoe Network](https://dn42.mol.moe) | <https://dn42.mol.moe> |
AS4242420927 | [Liki4](https://dn42.liki.link) |https://dn42.liki.link | AS4242420927 | [Liki4](https://dn42.liki.link) | <https://dn42.liki.link> |
AS4242421588 | [TECH9 CORE NETWORK](https://www.chrismoos.com/dn42-peering) |https://www.chrismoos.com/dn42-peering | AS4242421588 | [TECH9 CORE NETWORK](https://www.chrismoos.com/dn42-peering) | <https://www.chrismoos.com/dn42-peering> |
AS4242421816 | [Potat0 Network](https://dn42.potat0.cc) | https://dn42.potat0.cc | AS4242421816 | [Potat0 Network](https://dn42.potat0.cc) | <https://dn42.potat0.cc> |
AS4242421817 | [KSKB Network](https://dn42.kskb.eu.org) | https://dn42.kskb.eu.org| AS4242421817 | [KSKB Network](https://dn42.kskb.eu.org) | <https://dn42.kskb.eu.org> |
AS4242422189 | [IEDON-NET](https://dn42.kuu.moe) | https://dn42.kuu.moe | AS4242422189 | [IEDON-NET](https://dn42.kuu.moe) | <https://dn42.kuu.moe> |
AS4242422717 | [JK-Network](https://net.whojk.com) | https://net.whojk.com | AS4242422717 | [JK-Network](https://net.whojk.com) | <https://net.whojk.com> |
AS4242423035 | [LARE-DN42](https://dn42.lare.cc) | https://dn42.lare.cc/autopeer | AS4242423035 | [LARE-DN42](https://dn42.lare.cc) | <https://dn42.lare.cc/autopeer> |
AS4242423088 | [SUNNET](https://dn42.6700.cc) |https://peer.dn42.6700.cc| AS4242423088 | [SUNNET](https://dn42.6700.cc) | <https://peer.dn42.6700.cc> |
AS4242423847 | [TheQ Network](https://dn42.0011.de) |https://dn42.0011.de| AS4242423847 | [TheQ Network](https://dn42.0011.de) | <https://dn42.0011.de> |
AS4242423914 | [Kioubit Network](https://dn42.g-load.eu) |https://dn42.g-load.eu| AS4242423914 | [Kioubit Network](https://dn42.g-load.eu) | <https://dn42.g-load.eu> |
AS4242422244 | [ICEZ-DN42](https://sgp.dn42.icez.net/) | https://sgp.dn42.icez.net/ | AS4242422244 | [ICEZ-DN42](https://sgp.dn42.icez.net/) | <https://sgp.dn42.icez.net/> |
TODO: add https://theresa.network/peer.html TODO: add <https://theresa.network/peer.html>
Sort by AS number Sort by AS number

View File

@ -1,7 +1,7 @@
# SSL Certificate Authority # SSL Certificate Authority
internal.dn42 is signed by an internally maintained CA that is only allowed to sign *.dn42 domains. internal.dn42 is signed by an internally maintained CA that is only allowed to sign *.dn42 domains.
If you would like to have a certificate signed by this CA there is [an automated process to do so](Automatic-CA). The CA is maintained by xuu@dn42.us If you would like to have a certificate signed by this CA there is [an automated process to do so](/services/Automatic-CA). The CA is maintained by xuu@dn42.us
The CA certificate ([dn42](https://ca.dn42/crt/root-ca.crt), [iana](https://ca.dn42.us/crt/root-ca.crt)): The CA certificate ([dn42](https://ca.dn42/crt/root-ca.crt), [iana](https://ca.dn42.us/crt/root-ca.crt)):
@ -169,4 +169,4 @@ $ update-ca-certificates
## PKI Store ## PKI Store
All issued keys and crl information are posted at: https://ca.dn42/ All issued keys and crl information are posted at: <https://ca.dn42/>

View File

@ -10,7 +10,7 @@ To provide services over the public internet some community members have contrib
DNS records for these domains are managed by a gitea repository: DNS records for these domains are managed by a gitea repository:
- [https://git.dn42.dev/dns/clearnet](https://git.dn42.dev/dns/clearnet) - <https://git.dn42.dev/dns/clearnet>
The repository uses the registry drone CI service and [DNSControl](https://stackexchange.github.io/dnscontrol/) to automatically build and push changes. This provides a degree of independence for the domains and allows them to be updated by any of the registry maintainers. The repository uses the registry drone CI service and [DNSControl](https://stackexchange.github.io/dnscontrol/) to automatically build and push changes. This provides a degree of independence for the domains and allows them to be updated by any of the registry maintainers.

View File

@ -1,7 +1,7 @@
# this page is outdated and need update # this page is outdated and need update
The idea is to deploy mirrors across dn42 using [anycast](https://en.wikipedia.org/wiki/Anycast) addressing (BGP), thus providing redundancy, load-balancing and improved access times to the wiki. Sites are powered by [gollum](https://github.com/gollum/gollum) which has no native SSL support, so Nginx acts as a reverse proxy and handles the encryption. The idea is to deploy mirrors across dn42 using [anycast](https://en.wikipedia.org/wiki/Anycast) addressing (BGP), thus providing redundancy, load-balancing and improved access times to the wiki. Sites are powered by [gollum](https://github.com/gollum/gollum) which has no native SSL support, so Nginx acts as a reverse proxy and handles the encryption.
The local webserver is monitored with a simple [shell script](Distributed-Wiki#exabgp_watchdog-script) working [in conjunction](Distributed-Wiki#exabgp) with [ExaBGP](https://github.com/Exa-Networks/exabgp), announcing/withdrawing the assigned route if the service is up/down. The local webserver is monitored with a simple [shell script](/services/Distributed-Wiki#exabgp_watchdog-script) working [in conjunction](Distributed-Wiki#exabgp) with [ExaBGP](https://github.com/Exa-Networks/exabgp), announcing/withdrawing the assigned route if the service is up/down.
## Prerequisites ## Prerequisites

View File

@ -1,9 +1,9 @@
If you have an E-Mail service and would like to test it's functionality, send an email to zane_reick@dmail.dn42. You will get a response usually within a few hours. If you have an E-Mail service and would like to test it's functionality, send an email to [zane_reick@dmail.dn42](mailto:zane_reik@dmail.dn42). You will get a response usually within a few hours.
**Free E-Mail Addresses for DN42 Users.** **Free E-Mail Addresses for DN42 Users.**
* DN42 Mail, https://dmail.dn42 * DN42 Mail, <https://dmail.dn42>
* Free, easy to sign up, unlimited internal emailing. Hosted by zane_reick * Free, easy to sign up, unlimited internal emailing. Hosted by zane_reick
* Register at https://dmail.dn42/register/register.php * Register at <https://dmail.dn42/register/register.php>
### Simplelogin server: ### Simplelogin server:
* a selfhosted [Simplelogin](https://simplelogin.io/) server for dn42.cc * a selfhosted [Simplelogin](https://simplelogin.io/) server for dn42.cc

View File

@ -9,12 +9,12 @@ IXP frnte operated by LGP Corp: [IXP frnte](/services/IXP-frnte)
A few people have provided exchanges previously on DN42, however they created single A few people have provided exchanges previously on DN42, however they created single
points of failure and are no longer operating points of failure and are no longer operating
* Amsterdam (OpenVPN) - NL Zuid (marlinc) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * Amsterdam (OpenVPN) - NL Zuid (marlinc) - <https://nl-zuid.dn42/>
* Los Angeles (OpenVPN) - tombii - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * Los Angeles (OpenVPN) - tombii - <https://nl-zuid.dn42/>
* New York (OpenVPN) - tombii - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * New York (OpenVPN) - tombii - <https://nl-zuid.dn42/>
* Falkenstein/Hetzner (OpenVPN) - GRMML (Nurtic-Vibe) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * Falkenstein/Hetzner (OpenVPN) - GRMML (Nurtic-Vibe) - <https://nl-zuid.dn42/>
* India (OpenVPN) - Technopoint - apply via email to mafiosa.virus@gmail.com (reply within 24hours) * India (OpenVPN) - Technopoint - apply via email to [mafiosa.virus@gmail.com](mailto:mafiosa.virus@gmail.com) (reply within 24hours)
The NL-Zuid website is also available from the public internet: https://nl-zuid.nl The NL-Zuid website is also available from the public internet: <https://nl-zuid.nl>
Its generally recommended to only announce prefixes from your own network and that of your transit customers. Its generally recommended to only announce prefixes from your own network and that of your transit customers.

View File

@ -12,14 +12,13 @@ Remember, if you announce an anycast /64, then you need to provide **all** servi
| **Name** | **Service address** | **Protocol/port** | **Comment** | | **Name** | **Service address** | **Protocol/port** | **Comment** |
| ---------------------- | ------------------------- | ----------------- | ----------------------------- | | ---------------------- | ------------------------- | ----------------- | ----------------------------- |
| Recursive DNS resolver | `fd42:d42:d42:54::1/64` | UDP/53 | `.` and `dn42.` [Providers][] | | Recursive DNS resolver | `fd42:d42:d42:54::1/64` | UDP/53 | `.` and `dn42.` [Providers](/services/dns/Providing-Anycast-DNS#Persons-providing-anycast-DNS-for-IPv6) |
| Whois Database | `fd42:d42:d42:43::1/64` | TCP/43 | | | Whois Database | `fd42:d42:d42:43::1/64` | TCP/43 | |
| TOR SOCKS5 Proxy | `fd42:d42:d42:9050::1/64` | TCP/9050 | | | TOR SOCKS5 Proxy | `fd42:d42:d42:9050::1/64` | TCP/9050 | |
| internal Wiki | `fd42:d42:d42:80::1/64` | TCP/80, TCP/443 | | | internal Wiki | `fd42:d42:d42:80::1/64` | TCP/80, TCP/443 | |
| myip.dn42 | `fd42:d42:d42:81::1/64` | TCP/80 | | | myip.dn42 | `fd42:d42:d42:81::1/64` | TCP/80 | |
[Providers]: dns/Providing-Anycast-DNS#Persons-providing-anycast-DNS-for-IPv6
### Future services ### Future services

View File

@ -1,6 +1,6 @@
we're planning to have a mcast-ix.dn42 somewhere in the cloud at #dn42 for years now... we're planning to have a mcast-ix.dn42 somewhere in the cloud at #dn42 for years now...
now we have a pull req with cosmetical issues only: https://git.dn42.dev/dn42/registry/pulls/2575 now we have a pull req with cosmetical issues only: <https://git.dn42.dev/dn42/registry/pulls/2575>
the main goal is to have a shared lan where ases can peer to each other with the following conditions: the main goal is to have a shared lan where ases can peer to each other with the following conditions:
* pure ethernet * pure ethernet
@ -90,7 +90,7 @@ static addressing plan, there is a randomized dhcp and slaac on the subnet but c
| rtr1-nop | 1955 | 172.23.124.122/27 | fde0:93fa:7a0:c1ca::1955/64 | fe80::200:ccff:fe1e:c0de | telnet sandbox.freertr.org | | rtr1-nop | 1955 | 172.23.124.122/27 | fde0:93fa:7a0:c1ca::1955/64 | fe80::200:ccff:fe1e:c0de | telnet sandbox.freertr.org |
| rtr1-catgirls | 1411 | 172.23.124.101/27 | fde0:93fa:7a0:c1ca:581a:fc3f:a2d0:828c/64 | fe80::1411:5 | TBD: SOON | | rtr1-catgirls | 1411 | 172.23.124.101/27 | fde0:93fa:7a0:c1ca:581a:fc3f:a2d0:828c/64 | fe80::1411:5 | TBD: SOON |
| rtr1-catgirls2 | 1411 | TBD | TBD | TBD | TBD: SOON | | rtr1-catgirls2 | 1411 | TBD | TBD | TBD | TBD: SOON |
| rtr1-lare | 3035 | 172.23.124.114/27 | fde0:93fa:7a0:c1ca:0:42:4242:3035/64 | fe80::21f:45ff:fe11:7356 | clearnet: https://lg.lare.cc/ dn42: https://lg.lare.dn42/ | | rtr1-lare | 3035 | 172.23.124.114/27 | fde0:93fa:7a0:c1ca:0:42:4242:3035/64 | fe80::21f:45ff:fe11:7356 | clearnet: <https://lg.lare.cc/> dn42: <https://lg.lare.dn42/> |
| rtr1-bri | 2825 | TBD | TBD | TBD | TBD | | rtr1-bri | 2825 | TBD | TBD | TBD | TBD |
| rtr1-jlu5 | 1080 | TBD | TBD | TBD | TBD | | rtr1-jlu5 | 1080 | TBD | TBD | TBD | TBD |
| rtr1-fl | 1975 | TBD | TBD | TBD | TBD | | rtr1-fl | 1975 | TBD | TBD | TBD | TBD |
@ -110,7 +110,7 @@ TBD: add yourself please here while keeping some ordering
| bad-corp-rtr1 | telnet ix.nop.dn42 20003 | | bad-corp-rtr1 | telnet ix.nop.dn42 20003 |
public mrt dumps and config archive of the infra at http://ix.nop.dn42/ here public mrt dumps and config archive of the infra at <http://ix.nop.dn42/> here

View File

@ -8,38 +8,38 @@ Please sort by AS number.
| AS | URL | | AS | URL |
|:--:|:--- | |:--:|:--- |
| 64719 | ext: https://lg.dn42.lutoma.org <br> dn42: https://lg.lutoma.dn42 | | 64719 | ext: <https://lg.dn42.lutoma.org> <br> dn42: <https://lg.lutoma.dn42> |
| 64737 | ext: https://lg.dn42.us | | 64737 | ext: <https://lg.dn42.us> |
| 4242420181 | ext: https://lg.dn42.miegl.cz <br> dn42: http://lg.mgl.dn42 | | 4242420181 | ext: <https://lg.dn42.miegl.cz> <br> dn42: <http://lg.mgl.dn42> |
| 4242420197 | ext: https://lg.n0emis.eu <br> dn42: https://lg.n0emis.dn42 (soon) | | 4242420197 | ext: <https://lg.n0emis.eu> <br> dn42: <https://lg.n0emis.dn42> (soon) |
| 4242420304 | ext: https://lg.04d.co <br> dn42: https://lg.04dco.dn42 | | 4242420304 | ext: <https://lg.04d.co> <br> dn42: <https://lg.04dco.dn42> |
| 4242420458 | ext: https://lg.huajinet.org | | 4242420458 | ext: <https://lg.huajinet.org> |
| 4242420585 | ext: https://dn42.atolm.net/lg <br> dn42: http://atolm.dn42/lg | | 4242420585 | ext: <https://dn42.atolm.net/lg> <br> dn42: <http://atolm.dn42/lg> |
| 4242420831 | ext: https://lg.dn42.tms.im | | 4242420831 | ext: <https://lg.dn42.tms.im> |
| 4242420927 | ext: https://lg.dn42.liki.link | | 4242420927 | ext: <https://lg.dn42.liki.link> |
| 4242421022 | ext: https://lg.bsdrocker.com | | 4242421022 | ext: <https://lg.bsdrocker.com> |
| 4242421050 | ext: https://lg.dn42.napshome.net <br> dn42: http://lg.napshome.dn42 | | 4242421050 | ext: <https://lg.dn42.napshome.net> <br> dn42: <http://lg.napshome.dn42> |
| 4242421080 | ext: https://lg.highdef.network <br> dn42: http://lg.highdef.dn42 | | 4242421080 | ext: <https://lg.highdef.network> <br> dn42: <http://lg.highdef.dn42> |
| 4242421123 | ext: https://dn42.ccp.ovh <br> dn42: http://n.dn42 | | 4242421123 | ext: <https://dn42.ccp.ovh> <br> dn42: <http://n.dn42> |
| 4242421411 | ext: https://lg.famfo.xyz <br> dn42: https://lg.catgirls.dn42 | | 4242421411 | ext: <https://lg.famfo.xyz> <br> dn42: <https://lg.catgirls.dn42> |
| 4242421722 | ext: https://lg42.tchekda.fr <br> dn42: http://lg42.tchekda.dn42 | | 4242421722 | ext: <https://lg42.tchekda.fr> <br> dn42: <http://lg42.tchekda.dn42> |
| 4242421816 | ext: https://lg.dn42.potat0.cc <br> dn42: http://lg.potat0.dn42 | | 4242421816 | ext: <https://lg.dn42.potat0.cc> <br> dn42: <http://lg.potat0.dn42> |
| 4242421955 | dn42: http://lg.nop.dn42 <br> telnet:test.nop.dn42 <br> ext: http://sandbox.freertr.org| | 4242421955 | dn42: <http://lg.nop.dn42> <br> telnet:test.nop.dn42 <br> ext: <http://sandbox.freertr.org> |
| 4242422092 | ext: https://lg.dn42.pebkac.gr <br> dn42: http://lg.pebkac.dn42 <br> IPv4 and IPv6 | | 4242422092 | ext: <https://lg.dn42.pebkac.gr> <br> dn42: <http://lg.pebkac.dn42> <br> IPv4 and IPv6 |
| 4242422206 | ext: https://lg.dn42.est-it.de <br> dn42: https://lg.techanit.dn42 <br> IPv4 and IPv6 | | 4242422206 | ext: <https://lg.dn42.est-it.de> <br> dn42: <https://lg.techanit.dn42> <br> IPv4 and IPv6 |
| 4242422237 | ext: https://lg.dn42.munsternet.eu <br> dn42: http://lg.munsternet.dn42 <br> IPv6 only | | 4242422237 | ext: <https://lg.dn42.munsternet.eu> <br> dn42: <http://lg.munsternet.dn42> <br> IPv6 only |
| 4242422439 | ext: https://lg.dn42.saru.moe <br> dn42: https://lg.saru.dn42 | | 4242422439 | ext: <https://lg.dn42.saru.moe> <br> dn42: <https://lg.saru.dn42> |
| 4242422575 | dn42: https://lg.androw.dn42 <br> ext: https://lg.androw.eu | | 4242422575 | dn42: <https://lg.androw.dn42> <br> ext: <https://lg.androw.eu> |
| 4242422601 | dn42: http://lg.burble.dn42 <br> ext: https://lg.burble.com | | 4242422601 | dn42: <http://lg.burble.dn42> <br> ext: <https://lg.burble.com> |
| 4242422633 | dn42: http://lg.eb.dn42 <br> ext: https://lg.eastbnd.com | | 4242422633 | dn42: <http://lg.eb.dn42> <br> ext: <https://lg.eastbnd.com> |
| 4242422717 | ext: https://lg.whojk.com | | 4242422717 | ext: <https://lg.whojk.com> |
| 4242422904 | ext: https://lg.doxz.net | | 4242422904 | ext: <https://lg.doxz.net> |
| 4242423035 | ext: https://lg.lare.cc <br> dn42: https://lg.lare.dn42 | | 4242423035 | ext: <https://lg.lare.cc> <br> dn42: <https://lg.lare.dn42> |
| 4242423088 | ext: https://lg.dn42.6700.cc <br> dn42: http://lg.sun.dn42 | | 4242423088 | ext: <https://lg.dn42.6700.cc> <br> dn42: <http://lg.sun.dn42> |
| 4242423315 | ext: http://lg.unknownts.tk <br> dn42: http://unknownts.dn42 | | 4242423315 | ext: <http://lg.unknownts.tk> <br> dn42: <http://unknownts.dn42> |
| 4242423411 | ext: --------------------------- <br> dn42: http://lg.goldlineit.dn42 | | 4242423411 | ext: --------------------------- <br> dn42: <http://lg.goldlineit.dn42> |
| 4242423868 | ext: http://lg-dn42.chimon.org | | 4242423868 | ext: <http://lg-dn42.chimon.org> |
| 4242421869 | ext: https://lg.usman.network <br> dn42: http://lg.usman.dn42 | | 4242421869 | ext: <https://lg.usman.network> <br> dn42: <http://lg.usman.dn42> |
## Down ## Down
@ -48,52 +48,53 @@ These looking glasses were added to the table at some point, but now seem to be
| AS | URL | | AS | URL |
|:--:|:--- | |:--:|:--- |
| 64720 | ext: http://lg.prauscher.de <br> dn42: http://lg.prauscher.dn42 | | 64720 | ext: <http://lg.prauscher.de> <br> dn42: <http://lg.prauscher.dn42> |
| 64766 | ext: http://ix.ucis.nl/routes.php <br> dn42: http://ix.ucis.dn42/routes.php <br> IPv4 only. | | 64766 | ext: <http://ix.ucis.nl/routes.php> <br> dn42: <http://ix.ucis.dn42/routes.php> <br> IPv4 only. |
| 64835 | ext: http://lg.nordkapp-5.dn42 <br> dn42: http://172.22.235.4 | | 64835 | ext: <http://lg.nordkapp-5.dn42> <br> dn42: <http://172.22.235.4> |
| 65529 | ext: http://bgp.freifunk-bielefeld.de/ulg/ulg.py <br> Interactive, BGP-map | | 65529 | ext: <http://bgp.freifunk-bielefeld.de/ulg/ulg.py> <br> Interactive, BGP-map |
| 76103 | ext: http://lg.nixnodes.net <br> dn42: http://lg.nixnodes.dn42 <br> IPv4 only. | | 76103 | ext: <http://lg.nixnodes.net> <br> dn42: <http://lg.nixnodes.dn42> <br> IPv4 only. |
| 76142 | dn42: http://lg.ffdn.dn42 <br> Interactive, BGP-map | | 76142 | dn42: <http://lg.ffdn.dn42> <br> Interactive, BGP-map |
| 4242420013 | ext: http://dn42.netrik.de/de-fra1 <br> dn42: http://172.22.232.5/de-fra1 <br> Interactive, BGP-map | | 4242420013 | ext: <http://dn42.netrik.de/de-fra1> <br> dn42: <http://172.22.232.5/de-fra1> <br> Interactive, BGP-map |
| 4242420022 | dn42: http://mhm.dn42:5001 | | 4242420022 | dn42: <http://mhm.dn42:5001> |
| 4242420101 | ext: http://core1.darmstadt.ccc.de <br> ext: http://edge1.core.chaos-darmstadt.de <br> dn42: http://lg.cda.dn42 | | 4242420101 | ext: <http://core1.darmstadt.ccc.de> <br> ext: <http://edge1.core.chaos-darmstadt.de> <br> dn42: <http://lg.cda.dn42> |
| 4242420123 | dn42: https://lg.grmml.dn42 <br> Interactive (traceroute, BGP-map) | | 4242420123 | dn42: <https://lg.grmml.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242420151 | ext: ssh bird-lg@dn42-uk-london0.dn42.bauen1.xyz <br> restricted bird shell | | 4242420151 | ext: ssh bird-lg@dn42-uk-london0.dn42.bauen1.xyz <br> restricted bird shell |
| 4242420184 | ext: http://peerfinder.polyno.me <br> dn42: http://peerfinder.polynome.dn42 <br> Can be used as a distributed looking glass if you give it a dn42 address. | | 4242420184 | ext: <http://peerfinder.polyno.me> <br> dn42: <http://peerfinder.polynome.dn42> <br> Can be used as a distributed looking glass if you give it a dn42 address. |
| 4242420184 | dn42: http://dataviz.polynome.dn42/dn42/lastseen <br> Non-interactive "BGP last seen" service: keeps an history of previously announced BGP prefixes. | | 4242420184 | dn42: <http://dataviz.polynome.dn42/dn42/lastseen> <br> Non-interactive "BGP last seen" service: keeps an history of previously announced BGP prefixes. |
| 4242420200 | dn42: http://lg.punkt.dn42 <br> Interactive (traceroute, BGP-map) | | 4242420200 | dn42: <http://lg.punkt.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242420300 | ext: http://lg-fr-rbx.wolke7.me <br> dn42: http://lg-fr-rbx.wolke7.dn42 | | 4242420300 | ext: <http://lg-fr-rbx.wolke7.me> <br> dn42: <http://lg-fr-rbx.wolke7.dn42> |
| 4242420321 | dn42: http://lg.dn42 <br> Interactive (traceroute, BGP-map) | | 4242420321 | dn42: <http://lg.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242420341 | dn42: https://lg.hachiman.dn42 <br> Interactive (traceroute, BGP-map) | | 4242420341 | dn42: <https://lg.hachiman.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242420812 | dn42: https://lg.jan.dn42 <br> Interactive (traceroute, BGP-map) | | 4242420812 | dn42: <https://lg.jan.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242420827 | ext: https://lg.llyn.lorkep.trade <br> dn42: https://lg.lorkep.dn42 <br> Interactive (traceroute, BGP-map) <br> IPv6 only | | 4242420827 | ext: <https://lg.llyn.lorkep.trade> <br> dn42: <https://lg.lorkep.dn42> <br> Interactive (traceroute, BGP-map) <br> IPv6 only |
| 4242420977 | ext: https://lg.moerail.ml <br> dn42: http://lg.moerail.dn42 | | 4242420977 | ext: <https://lg.moerail.ml> <br> dn42: <http://lg.moerail.dn42> |
| 4242421055 | dn42: http://lg.tmwawpl.dn42 | | 4242421055 | dn42: <http://lg.tmwawpl.dn42> |
| 4242421092 | dn42: http://lg.erg.dn42 <br> Interactive (traceroute, BGP-map) | | 4242421092 | dn42: <http://lg.erg.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242421099 | ext: https://lg.owensresearch.org <br> dn42: https://lg.owensresearch.dn42 <br> BGP Route, BGP Community, BGP AS Path, Ping, and Traceroute | | 4242421099 | ext: <https://lg.owensresearch.org> <br> dn42: <https://lg.owensresearch.dn42> <br> BGP Route, BGP Community, BGP AS Path, Ping, and Traceroute |
| 4242421166 | dn42: http://lg.alcatrash.dn42 | | 4242421166 | dn42: <http://lg.alcatrash.dn42> |
| 4242421197 | dn42: https://lg.scoopta.dn42 <br> dn42: ssh rtr@rtr.scoopta.dn42 <br> restricted frr shell| | 4242421197 | dn42: <https://lg.scoopta.dn42> <br> dn42: ssh rtr@rtr.scoopta.dn42 <br> restricted frr shell|
| 4242421224 | dn42: http://lg.bit.dn42 | | 4242421224 | dn42: <http://lg.bit.dn42> |
| 4242421231 | dn42: http://lg.caesia.dn42 <br> ext: https://lg.caesia.net | | 4242421231 | dn42: <http://lg.caesia.dn42> <br> ext: <https://lg.caesia.net> |
| 4242421331<br>4242421332<br>207268 | ext: https://lg.strexp.net <br> dn42: http://lg.nia.dn42 | | 4242421331<br>4242421332<br>207268 | ext: <https://lg.strexp.net> <br> dn42: <http://lg.nia.dn42> |
| 4242421588 | dn42: http://lg.tech9computers.dn42 <br> Interactive (traceroute, BGP-map) | | 4242421588 | dn42: <http://lg.tech9computers.dn42> <br> Interactive (traceroute, BGP-map) |
| 4242421876 | dn42: https://lg.potato.dn42&lt;br&gt;ext: https://lg.dn42.ac.cn | | 4242421876 | dn42: <https://lg.potato.dn42> <br> ext: <https://lg.dn42.ac.cn> |
| 4242421926 | dn42: https://lg.zhaofeng.dn42 <br> ext: https://lg.naive.network | | 4242421926 | dn42: <https://lg.zhaofeng.dn42> <br> ext: <https://lg.naive.network> |
| 4242422016 | ext: https://dn42.sidereal.ca <br> dn42: https://lg.sidereal.dn42 | | 4242422016 | ext: <https://dn42.sidereal.ca> <br> dn42: <https://lg.sidereal.dn42> |
| 4242422024 | ext: http://lg.dn42.gcc.ac.cn <br> Interactive (ping, traceroute, BGP-map)| | 4242422024 | ext: <http://lg.dn42.gcc.ac.cn> <br> Interactive (ping, traceroute, BGP-map) |
| 4242422189 | dn42: http://lg.iedon.dn42 | | 4242422189 | dn42: <http://lg.iedon.dn42> |
| 4242422341 | ext: https://lg.dn42.zotan.network <br> dn42: https://lg.zotan.dn42 | | 4242422341 | ext: <https://lg.dn42.zotan.network> <br> dn42: <https://lg.zotan.dn42> |
| 4242422342 | dn42: http://lg.gbe.dn42 <br> Semi-interactive (no traceroute, no ping) | | 4242422342 | dn42: <http://lg.gbe.dn42> <br> Semi-interactive (no traceroute, no ping) |
| 4242422428 | ext: https://lg.0l.de <br> IPv4 and IPv6 | | 4242422428 | ext: <https://lg.0l.de> <br> IPv4 and IPv6 |
| 4242422506 | dn42: http://www.as4242422506.dn42 | | 4242422506 | dn42: <http://www.as4242422506.dn42> |
| 4242422547 | ext: https://lg.lantian.pub <br> dn42: http://lg.lantian.dn42 | | 4242422547 | ext: <https://lg.lantian.pub> <br> dn42: <http://lg.lantian.dn42> |
| 4242422596 | dn42: http://lg.ty3r0x.dn42 | | 4242422596 | dn42: <http://lg.ty3r0x.dn42> |
| 4242422700 | dn42: http://lg.gotroot.dn42 <br> ext: http://dn42.gotroot.ca | | 4242422700 | dn42: <http://lg.gotroot.dn42> <br> ext: <http://dn42.gotroot.ca> |
| 4242423078 | ext: https://lg.hexanet.dev <br> dn42: http://lg.hex.dn42 <br> Interactive (traceroute, BGP-map) <br> IPv6 only | | 4242423078 | ext: <https://lg.hexanet.dev> <br> dn42: <http://lg.hex.dn42> <br> Interactive (traceroute, BGP-map) <br> IPv6 only |
| 4242423735 | ext: https://lg.dn42.cperrin.xyz <br> dn42: http://lg.cperrin.dn42 | | 4242423735 | ext: <https://lg.dn42.cperrin.xyz> <br> dn42: <http://lg.cperrin.dn42> |
| 4242423827 | ext: https://sky.nullroute.eu.org/dn42/lg <br> dn42: http://lg.nullroute.dn42 | | 4242423827 | ext: <https://sky.nullroute.eu.org/dn42/lg> <br> dn42: <http://lg.nullroute.dn42> |
| 4242423905 | ext: https://dn42-svc.weiti.org/ulg <br> dn42: https://lg.weiti.dn42 | 4242423905 | ext: <https://dn42-svc.weiti.org/ulg> <br> dn42: <https://lg.weiti.dn42> |
| 4242423905 | ext: http://zeus.nowhere.ws/dn42/routes.cgi <br> dn42: http://zeus.nihilus.dn42/dn42/routes.cgi <br> Non-interactive (route listing only). | | 4242423905 | ext: <http://zeus.nowhere.ws/dn42/routes.cgi> <br> dn42: <http://zeus.nihilus.dn42/dn42/routes.cgi> <br> Non-interactive (route listing only). |
| 4242423955 | dn42: http://lg.flo.dn42 | | 4242423955 | dn42: <http://lg.flo.dn42> |
| 4242423973 | dn42: http://lg.technopoint.dn42 <br> (traceroute, BGP-map) IPv4 only. | | 4242423973 | dn42: <http://lg.technopoint.dn42> <br> (traceroute, BGP-map) IPv4 only. |
| 4242423993 | ext: https://lg.2f30.org <br> IPv4 only. | | 4242423993 | ext: <https://lg.2f30.org> <br> IPv4 only. |

View File

@ -1,4 +1,4 @@
After frequent issues with the [Old Hierarchical DNS](Old-Hierarchical-DNS) system in early 2018, work has started to build a new and more reliable DNS system. The main goals are: After frequent issues with the [Old Hierarchical DNS](/services/Old-Hierarchical-DNS) system in early 2018, work has started to build a new and more reliable DNS system. The main goals are:
* Reliability and Consistency to avoid debugging very obscure issues that are also hard to reproduce. * Reliability and Consistency to avoid debugging very obscure issues that are also hard to reproduce.
* Low maintenance burden on operators. * Low maintenance burden on operators.
* Proper DNSSEC support for everything. * Proper DNSSEC support for everything.
@ -47,6 +47,6 @@ The set of valid KSKs can be found in the registry.
# See also # See also
* [DNS Quick Start](DNS) * [DNS Quick Start](/services/DNS)
* [Old Hierarchical DNS](Old-Hierarchical-DNS) * [Old Hierarchical DNS](/services/Old-Hierarchical-DNS)
* [Original DNS (deprecated)](Original-DNS-(deprecated)) * [Original DNS (deprecated)](/services/Original-DNS-(deprecated))

View File

@ -1,13 +1,13 @@
# List of Usenet servers # List of Usenet servers
| **Person** | **Status** | **Address** | **Posting** | **Newsgroups** | **Binaries** | | **Person** | **Status** | **Address** | **Posting** | **Newsgroups** | **Binaries** |
|----|----|----|----|----|----| |----|----|----|----|----|----|
| welterde | _down_ | news.welterde.dn42 | _yes_ | Big 8, de.\*, alt.\* | _no_ | | welterde | _down_ | <http://news.welterde.dn42> | _yes_ | Big 8, de.\*, alt.\* | _no_ |
| UFO | _up_ | core.ucis.dn42 | _yes_ | anonet, dn42 | _no_ | | UFO | _up_ | <http://core.ucis.dn42> | _yes_ | anonet, dn42 | _no_ |
| blacksheep | _down_ | news.blacksheep.dn42 | _ask_ | Big 8, de.\*, alt.\*, uk.\*, etc. | _no_ | | blacksheep | _down_ | <http://news.blacksheep.dn42> | _ask_ | Big 8, de.\*, alt.\*, uk.\*, etc. | _no_ |
# List of Usenet WebFrontends # List of Usenet WebFrontends
| **Person** | **Status** | **Address** | **Posting** | **Newsgroups** | **Binaries** | | **Person** | **Status** | **Address** | **Posting** | **Newsgroups** | **Binaries** |
|----|----|----|----|----|----| |----|----|----|----|----|----|
| cronix | _down_ | news.crystalnet.dn42 | _yes_ | as requested | _no_ | | cronix | _down_ | <http://news.crystalnet.dn42> | _yes_ | as requested | _no_ |
| UFO | _down_ | [UCIS.ano news](http://cgiproxy.ucis.dn42/nph-proxy.cgi/00/http/www.ucis.ano/news/) | _no_ | anonet, dn42 | _limited_ | | UFO | _down_ | [UCIS.ano news](http://cgiproxy.ucis.dn42/nph-proxy.cgi/00/http/www.ucis.ano/news/) | _no_ | anonet, dn42 | _limited_ |
| SeekingFor | _down_ | [AnoNet News](http://cgiproxy.ucis.dn42/nph-proxy.cgi/00/http/news.sfor.ano/) | _yes_ | anonet, dn42 | _no_ | | SeekingFor | _down_ | [AnoNet News](http://cgiproxy.ucis.dn42/nph-proxy.cgi/00/http/news.sfor.ano/) | _yes_ | anonet, dn42 | _no_ |

View File

@ -1,4 +1,4 @@
This information is now **deprecated**. Please check [New DNS](New-DNS) for the current architecture. This information is now **deprecated**. Please check [New DNS](/services/New-DNS) for the current architecture.
*** ***
@ -38,7 +38,7 @@ For all of these servers they have a specific IP assigned, only respond to their
**<name>.dn42-servers.arpa** - This server is authoritative for RFC 2317 delegations. For any inetnum object smaller than /24 and whos parent has no nameserver records, a C class parent zone is created (all its subnetworks are delegated to appropriate nameservers with CNAME) **<name>.dn42-servers.arpa** - This server is authoritative for RFC 2317 delegations. For any inetnum object smaller than /24 and whos parent has no nameserver records, a C class parent zone is created (all its subnetworks are delegated to appropriate nameservers with CNAME)
Real-time server monitor is available at http://nixnodes.net/dn42/dnsview Real-time server monitor is available at <http://nixnodes.net/dn42/dnsview>
## Setup ## Setup

View File

@ -1,5 +1,5 @@
# Original DNS (deprecated) # Original DNS (deprecated)
This information is now **deprecated**. Please check [New DNS](New-DNS) for the current architecture. This information is now **deprecated**. Please check [New DNS](/services/New-DNS) for the current architecture.
*** ***
@ -35,12 +35,12 @@ The root zone for `dn42.` is built from the [whois registry](/services/Whois). I
## DNS services for other networks ## DNS services for other networks
Other networks are interconnected with dn42 (ChaosVPN, Freifunk, etc). Some of them also provide DNS service, you can configure your resolver to use it. See [External DNS](dns/External-DNS). Other networks are interconnected with dn42 (ChaosVPN, Freifunk, etc). Some of them also provide DNS service, you can configure your resolver to use it. See [External DNS](/service/dns/External-DNS).
## Providing DNS services ## Providing DNS services
See [Providing Anycast DNS](dns/Providing-Anycast-DNS). See [Providing Anycast DNS](/services/dns/Providing-Anycast-DNS).
## [Old Hierarchical DNS](Old-Hierarchical-DNS) ## [Old Hierarchical DNS](/services/Old-Hierarchical-DNS)
This is a new effort to build a DNS system that mirrors how DNS was designed to work in clearnet. This is a new effort to build a DNS system that mirrors how DNS was designed to work in clearnet.

View File

@ -4,28 +4,28 @@ There are some mirrors available in DN42. All mirrors are subdomains of "mirror.
## Ubuntu ## Ubuntu
**http://mirror.dn42/ubuntu** **<http://mirror.dn42/ubuntu>**
Hosted by: Hosted by:
* mephisto * mephisto
## mirror.yandex.ru proxy ## mirror.yandex.ru proxy
**http://172.23.158.41/** **<http://172.23.158.41/>**
**http://[fd91:9191:9191:3::1]/** **<http://[fd91:9191:9191:3::1]/>**
Hosted by: Hosted by:
* ne-vlezay80 * ne-vlezay80
## mirrors.nia.dn42 ## mirrors.nia.dn42
**http://mirrors.nia.dn42/** **<http://mirrors.nia.dn42/>**
**http://[fd01:1926:817:1000::ac14:a8c5]/** **<http://[fd01:1926:817:1000::ac14:a8c5]/>**
## mirror.z.dn42 ## mirror.z.dn42
Not hosting repositories itself, it collects other mirrors Not hosting repositories itself, it collects other mirrors
* Dynamic page: **http://mirror.z.dn42/** * Dynamic page: **<http://mirror.z.dn42/>**
* Static page: **http://mirror.z.dn42/_/** * Static page: **<http://mirror.z.dn42/_/>**

View File

@ -75,24 +75,24 @@ protocol bgp ROUTE_COLLECTOR
The collector runs a looking glass based on [bird-lg-go](https://github.com/xddxdd/bird-lg-go). The collector runs a looking glass based on [bird-lg-go](https://github.com/xddxdd/bird-lg-go).
- [https://lg.collector.dn42/](https://lg.collector.dn42/) - <https://lg.collector.dn42/>
### MRT Dumps ### MRT Dumps
[MRT Dumps](https://tools.ietf.org/html/rfc6396) are produced by the collector every 10 minutes. Bird produces MRT dumps corresponding to tables, so two separate dumps are created, one for IPv4 (master4) and one for IPv6 (master6). The 10 minutes dumps are available for one week before being reduced down to one a day. [MRT Dumps](https://tools.ietf.org/html/rfc6396) are produced by the collector every 10 minutes. Bird produces MRT dumps corresponding to tables, so two separate dumps are created, one for IPv4 (master4) and one for IPv6 (master6). The 10 minutes dumps are available for one week before being reduced down to one a day.
- [https://mrt.collector.dn42](https://mrt.collector.dn42) - <https://mrt.collector.dn42>
The latest dumps can always be found at the following URLs: The latest dumps can always be found at the following URLs:
- [https://mrt.collector.dn42/master4_latest.mrt.bz2](https://mrt.collector.dn42/master4_latest.mrt.bz2) - <https://mrt.collector.dn42/master4_latest.mrt.bz2>
- [https://mrt.collector.dn42/master6_latest.mrt.bz2](https://mrt.collector.dn42/master6_latest.mrt.bz2) - <https://mrt.collector.dn42/master6_latest.mrt.bz2>
### Prometheus Metrics ### Prometheus Metrics
The collector runs [bird_exporter](https://github.com/czerwonk/bird_exporter) and prometheus style metrics are available at the following URL: The collector runs [bird_exporter](https://github.com/czerwonk/bird_exporter) and prometheus style metrics are available at the following URL:
- [http://collector.dn42:9324/metrics](http://collector.dn42:9324/metrics) - <http://collector.dn42:9324/metrics>
### ~~Flapping routes~~ (In maintenance) ### ~~Flapping routes~~ (In maintenance)

View File

@ -3,7 +3,7 @@
## IRC ## IRC
Channel statistics for #dn42@hackint are available at: https://dev.0l.dn42/stats/. Channel statistics for #dn42@hackint are available at: <https://dev.0l.dn42/stats/>.
## Scripts ## Scripts

View File

@ -15,7 +15,7 @@ Because of the encryption an owner of a node don't know anything about the store
To provide storage to the cloud you have to run a node. To provide storage to the cloud you have to run a node.
## Install and configuration ## Install and configuration
To run a node you have to install tahoe-lafs at least in version 1.10.2. You can get source code from https://tahoe-lafs.org/source/tahoe-lafs/releases/allmydata-tahoe-1.10.2.zip, if the version of the package in the distribution not at least 1.10. Then you have to extract it and install with `python2 setup.py build && sudo python2 setup.py install`. To run a node you have to install tahoe-lafs at least in version 1.10.2. You can get source code from <https://tahoe-lafs.org/source/tahoe-lafs/releases/allmydata-tahoe-1.10.2.zip>, if the version of the package in the distribution not at least 1.10. Then you have to extract it and install with `python2 setup.py build && sudo python2 setup.py install`.
Before the first start you have to create a node with `bin/tahoe create-node` or a client (doesn't provide storage) with `bin/tahoe create-client`. This will create the folder .tahoe in your home dir. In the file .tahoe/tahoe.cfg you have to enter on `introducer.furl` the link to our introducer node (UPDATED): Before the first start you have to create a node with `bin/tahoe create-node` or a client (doesn't provide storage) with `bin/tahoe create-client`. This will create the folder .tahoe in your home dir. In the file .tahoe/tahoe.cfg you have to enter on `introducer.furl` the link to our introducer node (UPDATED):
@ -30,4 +30,4 @@ With `bin/tahoe start` you start your local node.
You can reach the local node via web browser at [http://localhost:3456](http://localhost:3456). You can reach the local node via web browser at [http://localhost:3456](http://localhost:3456).
## Further informations ## Further informations
Look at https://tahoe-lafs.org for further information. Look at <https://tahoe-lafs.org> for further information.

View File

@ -32,7 +32,7 @@ Note that currently, most AS are using one of the legacy ASN range (and will pro
## DNS zones ## DNS zones
dn42 uses the `dn42.` TLD, which is not present in the root DNS zone of the ICANN-net. For details, see [DNS](DNS). dn42 uses the `dn42.` TLD, which is not present in the root DNS zone of the ICANN-net. For details, see [DNS](/services/DNS).
Note that other TLDs should also be usable from dn42, most notably from Freifunk and ChaosVPN. A tentative list is available at [External DNS](/services/dns/External-DNS). Note that other TLDs should also be usable from dn42, most notably from Freifunk and ChaosVPN. A tentative list is available at [External DNS](/services/dns/External-DNS).
@ -40,7 +40,7 @@ Note that other TLDs should also be usable from dn42, most notably from Freifunk
The gitea instance hosting the registry has an associated [Drone CI/CD](https://drone.io/) service: The gitea instance hosting the registry has an associated [Drone CI/CD](https://drone.io/) service:
- [https://drone.git.dn42/](https://drone.git.dn42/) - <https://drone.git.dn42/>
Users are free to add drone pipelines to their own repositories. Repositories can be enabled using the Drone server [user interface](https://drone.git.dn42/). Users are free to add drone pipelines to their own repositories. Repositories can be enabled using the Drone server [user interface](https://drone.git.dn42/).
@ -51,7 +51,7 @@ Privacy mode is enabled, please call the bot with @DN42WhoisBot when necessary.
# Web interface and REST API # Web interface and REST API
[https://explorer.burble.dn42/](https://explorer.burble.dn42/) ([https://explorer.burble.com/](https://explorer.burble.com/) via clearnet) provides a web interface and REST API for querying the DN42 registry. <https://explorer.burble.dn42/> ([https://explorer.burble.com/](https://explorer.burble.com/) via clearnet) provides a web interface and REST API for querying the DN42 registry.
The service is provided by [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv) which can also be run locally. The service is provided by [dn42regsrv](https://git.burble.com/burble.dn42/dn42regsrv) which can also be run locally.
@ -71,7 +71,7 @@ Example:
The Python code for generating the zone from the registry is available on the monotone repository. The Python code for generating the zone from the registry is available on the monotone repository.
The idea comes from the guys at cymru.com, who provide this service for the Internet (e.g. `AS1.asn.cymru.com`), see https://www.team-cymru.org/Services/ip-to-asn.html#dns The idea comes from the guys at cymru.com, who provide this service for the Internet (e.g. `AS1.asn.cymru.com`), see <https://www.team-cymru.org/Services/ip-to-asn.html#dns>
# Software # Software
@ -139,4 +139,4 @@ sudo ruby whoisd.rb nobody
``` ```
## Whois restful API ## Whois restful API
Note: this service is in beta testing, use at your own risk. Note: this service is in beta testing, use at your own risk.
https://whois.rest.dn42/ <https://whois.rest.dn42/>

View File

@ -28,7 +28,7 @@ The mkdns script currently supports the following setups:
## NeoNetwork ## NeoNetwork
The NeoNetwork also has a recursive DNS server at `10.127.255.54` and `fd10:127:53:53::`. The NeoNetwork also has a recursive DNS server at `10.127.255.54` and `fd10:127:53:53::`.
The zone files can be found here: https://github.com/NeoCloud/NeoNetwork/tree/master/dns The zone files can be found here: <https://github.com/NeoCloud/NeoNetwork/tree/master/dns>
## Configuration ## Configuration

View File

@ -1,4 +1,4 @@
# DEPRECATED - Please have a look at [Hierarchical DNS](https://internal.dn42/Hierarchical-DNS) instead # DEPRECATED - Please have a look at [Hierarchical DNS](/services/dns/Old-Hierarchical-DNS) instead
You may want to participate in the anycast DNS cloud. You may want to participate in the anycast DNS cloud.

View File

@ -1,6 +1,6 @@
If you want to run your own recursive DNS server, you must find upstream servers that are authoritative for the dn42 zones. If you want to run your own recursive DNS server, you must find upstream servers that are authoritative for the dn42 zones.
You may use some servers listed in the [table of anycast servers](Providing-Anycast-DNS#Persons-providing-anycast-DNS), or just use `172.22.119.160` and `172.22.119.163` (ns{1,2}.fritz.dn42). You may use some servers listed in the [table of anycast servers](/services/dns/Providing-Anycast-DNS#Persons-providing-anycast-DNS), or just use `172.22.119.160` and `172.22.119.163` (ns{1,2}.fritz.dn42).
## Configuration ## Configuration