From 82cbbdab5439ac36c67846a8cb78007f83ab5fbf Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 13 Nov 2016 22:01:57 +0000 Subject: [PATCH 01/53] Destroyed Edgeos Config Example number 2 (markdown) --- howto/Edgeos-Config-Example-number-2.md | 56 ------------------------- 1 file changed, 56 deletions(-) delete mode 100644 howto/Edgeos-Config-Example-number-2.md diff --git a/howto/Edgeos-Config-Example-number-2.md b/howto/Edgeos-Config-Example-number-2.md deleted file mode 100644 index 66ad689..0000000 --- a/howto/Edgeos-Config-Example-number-2.md +++ /dev/null @@ -1,56 +0,0 @@ -## EdgeRouterPro-8 DN42 config example with v1.9.0 - -After a lot of searching and trying I [Phil/ALS7] finnaly got a working config - -##Features - -* IPv4/IPv6 Tunnel via OpenVPN -* dn42 DNS - -##How-To - ---> still work in Progress - -1) you need to create all required fields in the registry --> look at [[Getting started]] page. - -The data i used are the following: - -Own ASN: AS4242422684 -Own IPv4: 172.20.4.64/27 -Own IPv6: fd33:ac1d:d1ce::/48 - -2) get a peer --> ask nice @ [[IRC]] - -3) You need following data - ---tunnel options, secret key ---ASN from the peer (in this example i use remote-as XXXXX) ---ip's - -... - - -start a ssh session to your router - -copy vpn key to /config/auth/giveITaName -- Create folder if needed - -configure -set interface openssh vtun0 -set interfaces openvpn vtun0 mode site-to-site -set interfaces openvpn vtun0 local-port 1194 //you get the port from your peer -set interfaces openvpn vtun0 remote-port 1194 //you get the port from your peer -set interfaces openvpn vtun0 local-address 172.20.4.64 //your sife dn42 ip address -set interfaces openvpn vtun0 remote-address X.X.X.X //dn42 link address from your peer -set interfaces openvpn vtun0 remote-host X.X.X.Y //clearnet ip address from your peer -set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName // your keyfile -set interfaces openvpn vtun0 openvpn-option "--comp-lzo" //if your peer support compression -commit -save - -Now the ipv4 tunnel should be up&running - - - - - - From 0051fa9c95fd23969a41b239afd70203738ec044 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 13 Nov 2016 22:22:44 +0000 Subject: [PATCH 02/53] Created Edgeos Config Example number 2 (markdown) --- howto/Edgeos-Config-Example-number-2.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 howto/Edgeos-Config-Example-number-2.md diff --git a/howto/Edgeos-Config-Example-number-2.md b/howto/Edgeos-Config-Example-number-2.md new file mode 100644 index 0000000..e69de29 From bc3ff2b3591b545c8002fdb2faa5c67b1f8d6941 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:39:04 +0000 Subject: [PATCH 03/53] Created EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 149 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 149 insertions(+) create mode 100644 howto/EdgeOS-Config.md diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md new file mode 100644 index 0000000..d6939bb --- /dev/null +++ b/howto/EdgeOS-Config.md @@ -0,0 +1,149 @@ + +#EdgeRouterPro-8 config example with v1.9.0 + +After a lot of searching and trying I [Phil/ALS7] finnaly got a working config +Also thanx to drathir for his patience and support + +##Features + +* IPv4/IPv6 Tunnel via OpenVPN +* dn42 DNS + +##How-To + +--> still work in Progress + +* Basic EdgeOS knowledge is required + +1) you need to create all required fields in the registry --> look at [[Getting started]] + +2) get a peer --> ask nice @ [[IRC]] + +3) You need following data from the peer + +--tunnel options, secret key --ASN from the peer --ip's + +... + +The data i used are the following: + +Own ASN: AS111111 +Own IPv4: 172.AA.AA.64/27 +Own IPv6: fdBB:BBBB:CCCC::/48 + +Peer OpenVPN Remote Address: X.X.X.X +Peer OpenVPN Remote Host: X.X.X.Y +Peer OpenVPN IP for you: fdAA::BBB/64 +Peer OpenVPN IP: fdAA::CC +Peer OpenVPN Port: 1194 +Peer OpenVPN encryption: aes256 +Peer ASN: AS222222 +Peer BGP Neighbour IPv4: Z.Z.Z.Z +Peer BGP Neighbour IPv6: fdAA::CC + +###Copy OpenVPN key to the ErPro + +copy vpn key to /config/auth/giveITaName + + sudo su + cd /config + mkdir auth + cd auth + cat > giveITaName + +now paste the key in the terminal window, hit return once and kill cat with CTRL+C +last thing to do is type exit + +###Create IPv4 OpenVPN Interface + +Set up Interface vtunX -- i used vtun0 + + configure + set interface openssh vtun0 + set interfaces openvpn vtun0 mode site-to-site + set interfaces openvpn vtun0 local-port 1194 + set interfaces openvpn vtun0 remote-port 1194 + set interfaces openvpn vtun0 local-address 172.AA.AA.64 + set interfaces openvpn vtun0 remote-address X.X.X.X + set interfaces openvpn vtun0 remote-host X.X.X.Y + set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName + set interfaces openvpn vtun0 encryption aes256 + + set interfaces openvpn vtun0 openvpn-option "--comp-lzo" //if your peer support compression + + commit + save + exit + +Now the ipv4 tunnel should be up&running + +Check it with: + + show interfaces openvpn + show interfaces openvpn detail + show openvpn status site-to-site + +###Create IPv4 BGP Session + +####Open Firewall + +* You need to open the firewall to local for the tunnel Interface on port 179/tcp + +####Configure the BGP Neighbor + +* You must not use AS before the as numbers !! + +With this step you create the basic bgp session + + configure + set protocols bgp 111111 neighbor Z.Z.Z.Z remote-as 222222 + set protocols bgp 111111 neighbor Z.Z.Z.Z soft-reconfiguration inbound + set protocols bgp 111111 neighbor update-source 172.AA.AA.64 + commit + save + +When commit this configuration you should be able to see a BGP neighbor session start and come up. +You can check this with: + + show ip bgp summary + +####Set route to blackhole + +so bgp can announce the route + + set protocols static route 172.AA.AA.64/27 blackhole + commit + save + +####Announce prefix to BGP + + set protocols bgp 111111 network 172.A.A.64/27 + commit + save + exit + +You should now be able to see networks being advertised via + + show ip bgp neighbors Z.Z.Z.Z advertised-routes + +###Define Nameservers + +Now ping to 172.23.0.53 ... thats the nameserver we are using +If everything is allright it should work + +####NS Config + +Enter the configure mode + + configure + set service dns forwarding name-server 8.8.8.8 + set service dns forwarding name-server 8.8.4.4 + set service dns forwarding options rebind-domain-ok=/dn42/ + set service dns forwarding options server=/23.172.in-addr.arpa/172.23.0.53 + set service dns forwarding options server=/22.172.in-addr.arpa/172.23.0.53 + set service dns forwarding options server=/dn42/172.23.0.53 + commit + save + exit + +Now try to access any .dn42 tld From 1cbb9e3bd7b5f171edae95e4243adf8ddce3742e Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:41:39 +0000 Subject: [PATCH 04/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index d6939bb..f12c9bc 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -1,4 +1,3 @@ - #EdgeRouterPro-8 config example with v1.9.0 After a lot of searching and trying I [Phil/ALS7] finnaly got a working config @@ -13,7 +12,8 @@ Also thanx to drathir for his patience and support --> still work in Progress -* Basic EdgeOS knowledge is required +* Basic EdgeOS knowledge is required +* If you are using LoadBalancing make shure 172.20.0.0/14 is under 'PPRIVATE NETS' 1) you need to create all required fields in the registry --> look at [[Getting started]] From bbb2b09e764f1543cfcd5a01e8813bb7bf0ab033 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:42:44 +0000 Subject: [PATCH 05/53] Updated home (markdown) --- _Sidebar.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_Sidebar.md b/_Sidebar.md index a7ca043..16dacfd 100644 --- a/_Sidebar.md +++ b/_Sidebar.md @@ -14,6 +14,7 @@ * [[Email|email]] * [[GRE on FreeBSD|gre-on-freebsd]] * [[Mikrotik RouterOS|mikrotik]] + * [[EdgeOS Config]] * [[Services|/pages/services/]] * [[IRC]] From 35bc28a56805970af7a227f4fd5eac265a44d616 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:44:03 +0000 Subject: [PATCH 06/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index f12c9bc..f187c48 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -1,6 +1,9 @@ -#EdgeRouterPro-8 config example with v1.9.0 +#EdgeRouter config example + +After a lot of searching and trying I [Phil/ALS7] finnaly got a working config + +I used for this example V1.9.0 on an ErPro-8 -After a lot of searching and trying I [Phil/ALS7] finnaly got a working config Also thanx to drathir for his patience and support ##Features From 632411fb3d095c0aaed66d1c08a96a07258f9535 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:47:06 +0000 Subject: [PATCH 07/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index f187c48..8334bfd 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -16,7 +16,7 @@ Also thanx to drathir for his patience and support --> still work in Progress * Basic EdgeOS knowledge is required -* If you are using LoadBalancing make shure 172.20.0.0/14 is under 'PPRIVATE NETS' +* If you are using LoadBalancing make shure 172.20.0.0/14 is under 'PRIVATE NETS' 1) you need to create all required fields in the registry --> look at [[Getting started]] From f5e5f6de3d04e5f0c0cdb2f6c4707144745410cf Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:47:52 +0000 Subject: [PATCH 08/53] Updated Edgeos Config Example number 2 (markdown) --- howto/Edgeos-Config-Example-number-2.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/howto/Edgeos-Config-Example-number-2.md b/howto/Edgeos-Config-Example-number-2.md index e69de29..c6fcbd0 100644 --- a/howto/Edgeos-Config-Example-number-2.md +++ b/howto/Edgeos-Config-Example-number-2.md @@ -0,0 +1,3 @@ +Goto [[Edgeos config]] + +--pls delete me-- \ No newline at end of file From 33335f4b2dcd15013004fffe01b4e078d5f2b839 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 15 Nov 2016 19:48:14 +0000 Subject: [PATCH 09/53] Destroyed Edgeos Config Example number 2 (markdown) --- howto/Edgeos-Config-Example-number-2.md | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 howto/Edgeos-Config-Example-number-2.md diff --git a/howto/Edgeos-Config-Example-number-2.md b/howto/Edgeos-Config-Example-number-2.md deleted file mode 100644 index c6fcbd0..0000000 --- a/howto/Edgeos-Config-Example-number-2.md +++ /dev/null @@ -1,3 +0,0 @@ -Goto [[Edgeos config]] - ---pls delete me-- \ No newline at end of file From 8a6fc67345dca14242650cbc0a08c08ab2c25b6e Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 16 Nov 2016 07:31:21 +0000 Subject: [PATCH 10/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 8334bfd..d93aa4c 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -31,8 +31,11 @@ Also thanx to drathir for his patience and support The data i used are the following: Own ASN: AS111111 -Own IPv4: 172.AA.AA.64/27 -Own IPv6: fdBB:BBBB:CCCC::/48 +Own IPv4 Space: 172.AA.AA.64/27 +Own IPv6 Space: fdBB:BBBB:CCCC::/48 +Own IPv4 If-Address: 172.AA.AA.65 +Own IPv6 If-Address: fdBB:BBBB:CCCC::1 + Peer OpenVPN Remote Address: X.X.X.X Peer OpenVPN Remote Host: X.X.X.Y @@ -66,7 +69,7 @@ Set up Interface vtunX -- i used vtun0 set interfaces openvpn vtun0 mode site-to-site set interfaces openvpn vtun0 local-port 1194 set interfaces openvpn vtun0 remote-port 1194 - set interfaces openvpn vtun0 local-address 172.AA.AA.64 + set interfaces openvpn vtun0 local-address 172.AA.AA.65 set interfaces openvpn vtun0 remote-address X.X.X.X set interfaces openvpn vtun0 remote-host X.X.X.Y set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName @@ -101,7 +104,7 @@ With this step you create the basic bgp session configure set protocols bgp 111111 neighbor Z.Z.Z.Z remote-as 222222 set protocols bgp 111111 neighbor Z.Z.Z.Z soft-reconfiguration inbound - set protocols bgp 111111 neighbor update-source 172.AA.AA.64 + set protocols bgp 111111 neighbor update-source 172.AA.AA.65 commit save From a3b7654406ea96f06ad406f491c3a71ce4019724 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 16 Nov 2016 07:31:58 +0000 Subject: [PATCH 11/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index d93aa4c..3cd441c 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -33,8 +33,8 @@ The data i used are the following: Own ASN: AS111111 Own IPv4 Space: 172.AA.AA.64/27 Own IPv6 Space: fdBB:BBBB:CCCC::/48 -Own IPv4 If-Address: 172.AA.AA.65 -Own IPv6 If-Address: fdBB:BBBB:CCCC::1 +Own IPv4 If-Address: 172.AA.AA.65 +Own IPv6 If-Address: fdBB:BBBB:CCCC::1 Peer OpenVPN Remote Address: X.X.X.X From 38734763b471ee57c9d757dab83d6b06a1297169 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 16 Nov 2016 07:40:00 +0000 Subject: [PATCH 12/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 3cd441c..2142336 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -37,8 +37,8 @@ Own IPv4 If-Address: 172.AA.AA.65 Own IPv6 If-Address: fdBB:BBBB:CCCC::1 -Peer OpenVPN Remote Address: X.X.X.X -Peer OpenVPN Remote Host: X.X.X.Y +Peer OpenVPN Remote Address: X.X.X.X //that's the peers OpenVPN IF IP +Peer OpenVPN Remote Host: X.X.X.Y //that's the peers clearnet IP Peer OpenVPN IP for you: fdAA::BBB/64 Peer OpenVPN IP: fdAA::CC Peer OpenVPN Port: 1194 From af0b76dda5fa8c68f73b17cfa283dc44e2c2cf68 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 16 Nov 2016 07:41:39 +0000 Subject: [PATCH 13/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 2142336..fae842f 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -37,7 +37,7 @@ Own IPv4 If-Address: 172.AA.AA.65 Own IPv6 If-Address: fdBB:BBBB:CCCC::1 -Peer OpenVPN Remote Address: X.X.X.X //that's the peers OpenVPN IF IP +Peer OpenVPN Remote Address: 172.X.X.X //that's the peers OpenVPN IF IP Peer OpenVPN Remote Host: X.X.X.Y //that's the peers clearnet IP Peer OpenVPN IP for you: fdAA::BBB/64 Peer OpenVPN IP: fdAA::CC @@ -70,7 +70,7 @@ Set up Interface vtunX -- i used vtun0 set interfaces openvpn vtun0 local-port 1194 set interfaces openvpn vtun0 remote-port 1194 set interfaces openvpn vtun0 local-address 172.AA.AA.65 - set interfaces openvpn vtun0 remote-address X.X.X.X + set interfaces openvpn vtun0 remote-address 172.X.X.X set interfaces openvpn vtun0 remote-host X.X.X.Y set interfaces openvpn vtun0 shared-secret-key-file /config/auth/giveITaName set interfaces openvpn vtun0 encryption aes256 From c55f28178bcf2ea910220fb52caeb79ca549414d Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Thu, 17 Nov 2016 13:19:07 +0000 Subject: [PATCH 14/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index fae842f..5070920 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -65,7 +65,7 @@ last thing to do is type exit Set up Interface vtunX -- i used vtun0 configure - set interface openssh vtun0 + set interface openvpn vtun0 set interfaces openvpn vtun0 mode site-to-site set interfaces openvpn vtun0 local-port 1194 set interfaces openvpn vtun0 remote-port 1194 @@ -104,7 +104,7 @@ With this step you create the basic bgp session configure set protocols bgp 111111 neighbor Z.Z.Z.Z remote-as 222222 set protocols bgp 111111 neighbor Z.Z.Z.Z soft-reconfiguration inbound - set protocols bgp 111111 neighbor update-source 172.AA.AA.65 + set protocols bgp 111111 neighbor Z.Z.Z.Z update-source 172.AA.AA.65 commit save From adacecc410e425f649421d2abac91dbfd06f8b6c Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Thu, 17 Nov 2016 20:19:53 +0000 Subject: [PATCH 15/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 5070920..b080a67 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -148,6 +148,9 @@ Enter the configure mode set service dns forwarding options server=/23.172.in-addr.arpa/172.23.0.53 set service dns forwarding options server=/22.172.in-addr.arpa/172.23.0.53 set service dns forwarding options server=/dn42/172.23.0.53 + set service nat rule 5013 outbound-interface vtun0 + set service nat rule 5013 type masquerade + set service nat rule 5013 description "masquerade for dn42" commit save exit From 64fd10b07872c4852565e56d91ec50dc73ed5792 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Thu, 17 Nov 2016 20:21:18 +0000 Subject: [PATCH 16/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index b080a67..9771c3b 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -137,7 +137,7 @@ You should now be able to see networks being advertised via Now ping to 172.23.0.53 ... thats the nameserver we are using If everything is allright it should work -####NS Config +####NS & NAT Config Enter the configure mode From 54738e323ba9b70cb23addde2fdff0a9c8d58aba Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Thu, 17 Nov 2016 20:32:36 +0000 Subject: [PATCH 17/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 9771c3b..91874de 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -65,7 +65,7 @@ last thing to do is type exit Set up Interface vtunX -- i used vtun0 configure - set interface openvpn vtun0 + set interfaces openvpn vtun0 set interfaces openvpn vtun0 mode site-to-site set interfaces openvpn vtun0 local-port 1194 set interfaces openvpn vtun0 remote-port 1194 From f912f4475696f1dc6ad9f4a14d097ae5f788428c Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Fri, 18 Nov 2016 08:09:16 +0000 Subject: [PATCH 18/53] Updated EdgeOS Config (markdown) --- howto/EdgeOS-Config.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/howto/EdgeOS-Config.md b/howto/EdgeOS-Config.md index 91874de..8192d55 100644 --- a/howto/EdgeOS-Config.md +++ b/howto/EdgeOS-Config.md @@ -52,9 +52,7 @@ Peer BGP Neighbour IPv6: fdAA::CC copy vpn key to /config/auth/giveITaName sudo su - cd /config - mkdir auth - cd auth + cd /config/auth cat > giveITaName now paste the key in the terminal window, hit return once and kill cat with CTRL+C From ea13d2333fd2d765d9f1d4705c1e68dafcea08f2 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sun, 20 Nov 2016 20:59:16 +0100 Subject: [PATCH 19/53] Updated Tor (markdown) --- internal/services/Tor.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/services/Tor.md b/internal/services/Tor.md index af87b06..cf062d8 100644 --- a/internal/services/Tor.md +++ b/internal/services/Tor.md @@ -6,7 +6,8 @@ Tor bridges allow for the Tor client to connect to a specific IP address and val | Name | Bandwidth | Contact | Protocol | Fingerprint | Info | |-----------------------|-----------|------------------|----------|------------------------------------------|------------------------------------| -| photon.flat.dn42:8443 | 500kB/s | irl@flat.dn42 | obfs4 | 79B30C78C9DA0F812589D336B399307435DC452A | Limited to 100GB transfer per week | +| photon.flat.dn42:8443 | 500kB/s | irl@flat.dn42 | obfs4 | 83B02FB88253A7FD313B7912B12B05AF2A42D3B9 | Limited to 100GB transfer per week | +| gouda.flat.dn42:8443 | 500kB/s | irl@flat.dn42 | obfs4 | DF8CA08A9BED62B319D1E52610510959374444A2 | | # Anycast Tor From 1e11bbfa9f5bafc8d2a7e9783863575aa0c6a734 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Tue, 22 Nov 2016 19:13:52 +0100 Subject: [PATCH 20/53] Added Debian installation instructions using unofficial package --- services/Certificate-Authority.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/services/Certificate-Authority.md b/services/Certificate-Authority.md index e2a48b3..5dd0dd9 100644 --- a/services/Certificate-Authority.md +++ b/services/Certificate-Authority.md @@ -121,7 +121,19 @@ Install `ca-certificates-dn42` from [AUR](https://aur.archlinux.org/packages/ca- ### Debian/Ubuntu -There is no packet at the moment, but you can install it manually: +#### Unofficial Debian Package + +```bash +wget https://ca.dn42.us/ca-dn42_20161122.0_all.deb +# If you're on a dn42-only network: +# wget --no-check-certificate https://ca.dn42/ca-dn42_20161122.0_all.deb +sudo dpkg -i ca-dn42_20161122.0_all.deb +sudo dpkg-reconfigure ca-certificates +``` + +You will be asked which certificates you would like to enabled. By default, the dn42 root certifcate (dn42/root-ca.crt) is not enable, be sure to enable it. This package is waiting for inclusion in Debian (Debian bug [#845351](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845351)). + +#### Manual Installation ```bash $ mkdir /usr/share/ca-certificates/extra From ca8caf81d0b25c156086e4f5a9d93c39c607f61b Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sat, 26 Nov 2016 14:45:02 +0000 Subject: [PATCH 21/53] Removed Zaledia VOIP service --- internal/Internal-Services.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index afbe4d2..4f3cf83 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -90,12 +90,6 @@ You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IP | http://sprawl.smrsh.dn42:8000/ | [smrsh radio](http://smrsh.net/radio) | | http://stream.media.dn42/ | icecast-relay, contact toBee for more streams | -## Voice and video calls - -| Hostname / IP | Remarks | -|:------------------------------------------------- |:-------------------------------------------------------- | -| http://zaledia.dn42/ | Zaledia VOIP service. Contact ranma on IRC OR julien@zaledia.dn42 or julien.owls@gmail.com to get your account. - ## File sharing ### Tahoe LAFS From 7014c628d93e71f14784ffcd3fbdcad32f9d6b57 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sat, 26 Nov 2016 14:54:16 +0000 Subject: [PATCH 22/53] Removed down pastebins --- internal/Internal-Services.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index 4f3cf83..d7852e0 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -195,10 +195,8 @@ Also check [Repository Mirrors](/services/Repository-Mirrors) | http://nowhere.ws/dn42 | Some random stuff concerning dn42, packages for Debian, e.g. Quagga | | http://pastebin.trunet.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | https://paste.weiti.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| ~~https://paste.synhacx.dn42~~(OFFLINE 2016-08-24)| AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| ~~http://zerobin.e-utp.dn42~~(OFFLINE 2016-08-24) | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| ~~https://flo.dn42/paste/~~(OFFLINE 2016-08-24) | AES-256-encrypted pastebin-like, with HTTPS ([zerobin]) | -| ~~https://szf.dn42/paste/~~(OFFLINE 2016-08-24) | AES-encrypted pastebin-like, another one | +| ~~http://zerobin.e-utp.dn42 | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | +| ~~https://szf.dn42/paste/~~(TLSNOTHAPPY 2016-11-26) | AES-encrypted pastebin-like, another one | | http://ip.synhacx.dn42 | Basic "whatismyip" service ([description](http://synhacx.dn42/showmyip)) | | http://nixnodes.dn42/ip | Simple 'myip' service | | https://szf.dn42/ip (text) https://szf.dn42/ifconfig (html) | Another simple 'myip' service | From 6ac3965a95faeca2ec1a361d232c55ab9124b020 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sat, 26 Nov 2016 14:57:38 +0000 Subject: [PATCH 23/53] Marks offline Yacy nodes as offline, removes a duplicate --- internal/Internal-Services.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index d7852e0..78bb4f7 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -68,12 +68,11 @@ You can also use http://whatismyip.dn42 from inside dn42 to get your IPv4 and IP |:------------------------------------------------- |:-------------------------------------------------------- | | http://mhm.dn42/search | Hosted by toBee | | http://yacy.dn42 | YaCy search engine. Indexing local nets| -| http://yacy.marlinc.dn42:8090/ | Marlinc's YaCy node. | -| https://surf.dn42/ | siska's YaCy node. | +| http://yacy.marlinc.dn42:8090/ (OFFLINE 2016-11-26) | Marlinc's YaCy node. | +| https://surf.dn42/ (OFFLINE 2016-11-26) | siska's YaCy node. | | http://yacy.hexa.dn42/ | hexa-'s YaCy node. | | |[YaCy Network Configuration](http://yacy.dn42/yacy.network.dn42.unit)| -| http://search.dn42 (172.23.184.1) | a few chosen HTTP domains are crawled (taken from the wiki). The previous method, "crawl everything available from the wiki", generated too much data because of FTPs. | -| https://surf.dn42 | YaCy node | +| http://search.dn42 (172.23.184.1) (BROKEN 2016-11-26) | a few chosen HTTP domains are crawled (taken from the wiki). The previous method, "crawl everything available from the wiki", generated too much data because of FTPs. | ## Images and Media From 4b44e695a710bc4c5d5773de8fe7f1dbaf76e1d0 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sat, 26 Nov 2016 23:05:18 +0000 Subject: [PATCH 24/53] Updated Internal Services (markdown) --- internal/Internal-Services.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index 78bb4f7..1844a41 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -192,10 +192,13 @@ Also check [Repository Mirrors](/services/Repository-Mirrors) | ------------------------------------------------- | ------------------------------------------------------------------------------ | | http://teams.dn42[.us]/dn42 | Mattermost (Slack clone) instance: get notifications for wiki/CA changes here | | http://nowhere.ws/dn42 | Some random stuff concerning dn42, packages for Debian, e.g. Quagga | +|https://bin.dn42 | AES-encrypted pastebin-like service ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | http://pastebin.trunet.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| https://paste.weiti.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| ~~http://zerobin.e-utp.dn42 | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | +| https://paste.weiti.dn42 | AES-encrypted pastebin-like ([zerobin]| +(https://github.com/sebsauvage/ZeroBin)) | +| ~~http://zerobin.e-utp.dn42 | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | ] | ~~https://szf.dn42/paste/~~(TLSNOTHAPPY 2016-11-26) | AES-encrypted pastebin-like, another one | +| https://pad.dn42 | [Etherpad](http://etherpad.org) service for collaborative work | | http://ip.synhacx.dn42 | Basic "whatismyip" service ([description](http://synhacx.dn42/showmyip)) | | http://nixnodes.dn42/ip | Simple 'myip' service | | https://szf.dn42/ip (text) https://szf.dn42/ifconfig (html) | Another simple 'myip' service | From 61b672d2d349fc38b3b1f775878744af4c786166 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Fri, 2 Dec 2016 00:00:20 +0100 Subject: [PATCH 25/53] Added v6 anycast resolver --- services/DNS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/DNS.md b/services/DNS.md index cf04c48..f427507 100644 --- a/services/DNS.md +++ b/services/DNS.md @@ -1,5 +1,5 @@ # DNS -**The new anycast resolver for `.dn42` runs on `172.23.0.53` and `TBD`. Please see [[Hierarchical DNS]] for more information.** +**The new anycast resolver for `.dn42` runs on `172.23.0.53` and `fd42:d42:d42:53::1`. Please see [[Hierarchical DNS]] for more information.** **The information below is outdated.** *** From d7f5eacd2ed8bde443f076922a2adb49266d93f8 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sun, 4 Dec 2016 02:32:10 +0100 Subject: [PATCH 26/53] updated pubkey-converter link --- howto/IPsecWithPublicKeys/strongSwan5Example.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/IPsecWithPublicKeys/strongSwan5Example.md b/howto/IPsecWithPublicKeys/strongSwan5Example.md index c1de7ed..b2e4a32 100644 --- a/howto/IPsecWithPublicKeys/strongSwan5Example.md +++ b/howto/IPsecWithPublicKeys/strongSwan5Example.md @@ -30,7 +30,7 @@ For IPsec with Public Keys you'll need the package _strongswan-plugin-pubkey_ in 2. Convert your peer's public key to the PEM format using the [pubkey-converter][pubkey-converter] script, if necessary. -[pubkey-converter]: https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl "Public key conversion script" +[pubkey-converter]: https://git.dn42.us/ryan/pubkey-converter/raw/master/pubkey-converter.pl "Public key conversion script" ## Configuration ### Configure the phase 1 IKE parameters From 3e2356339e21763e1c938391d5ea7bf3b3f88324 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sun, 4 Dec 2016 02:33:34 +0100 Subject: [PATCH 27/53] updated pubkey-converter link --- howto/IPsecWithPublicKeys/CiscoIOSExample.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/IPsecWithPublicKeys/CiscoIOSExample.md b/howto/IPsecWithPublicKeys/CiscoIOSExample.md index 5c68abe..689bb3a 100644 --- a/howto/IPsecWithPublicKeys/CiscoIOSExample.md +++ b/howto/IPsecWithPublicKeys/CiscoIOSExample.md @@ -39,7 +39,7 @@ _Note: You may already have completed this step, since it's required to enable S 2. Convert your peer's public key to the hexadecimal DER format using the [pubkey-converter][pubkey-converter] script, if necessary. -[pubkey-converter]: https://dn42.us/git/user/ryan/pubkey-converter.git/plain/pubkey-converter.pl "Public key conversion script" +[pubkey-converter]: https://git.dn42.us/ryan/pubkey-converter/raw/master/pubkey-converter.pl "Public key conversion script" ## Configuration ### Configure the phase 1 IKE parameters From 97fdfcddb5fa8b37d3d0f9d343abea4f75355e45 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sun, 4 Dec 2016 03:00:16 +0100 Subject: [PATCH 28/53] updated pubkey-converter link --- howto/IPsec-with-PublicKeys.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/IPsec-with-PublicKeys.md b/howto/IPsec-with-PublicKeys.md index 9f383b4..ef94f9b 100644 --- a/howto/IPsec-with-PublicKeys.md +++ b/howto/IPsec-with-PublicKeys.md @@ -31,7 +31,7 @@ Keep in mind that certificates are just public keys wrapped with some extra meta ### Conversion tool Different implementations use different formats to represent public keys, and it's necessary to be able to convert between them. Here is a script for that purpose: -https://dn42.us/git/user/ryan/pubkey-converter/plain/pubkey-converter.pl +https://git.dn42.us/ryan/pubkey-converter/raw/master/pubkey-converter.pl ### How-To examples | Implementation | Key format | From b41a5094beef9ad4a961d4bde2560780148ab3cd Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 25 Dec 2016 01:28:23 +0000 Subject: [PATCH 29/53] Updated Exchanges (markdown) --- services/Exchanges.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/services/Exchanges.md b/services/Exchanges.md index 203650d..182e048 100644 --- a/services/Exchanges.md +++ b/services/Exchanges.md @@ -6,4 +6,6 @@ The following exchanges are available: * Amsterdam (OpenVPN) - NL Zuid (marlinc) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * Los Angeles (OpenVPN) - tombii - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * New York (OpenVPN) - tombii - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) -* Falkenstein/Hetzner (OpenVPN) - GRMML (Nurtic-Vibe) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) \ No newline at end of file +* Falkenstein/Hetzner (OpenVPN) - GRMML (Nurtic-Vibe) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) + +The NL-Zuid website is also available from the public internet: https://nl-zuid.nl \ No newline at end of file From f593dc6d411a48ad1551e0a70439b7b6ab3cb573 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 25 Dec 2016 01:31:48 +0000 Subject: [PATCH 30/53] Updated Exchanges (markdown) --- services/Exchanges.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/services/Exchanges.md b/services/Exchanges.md index 182e048..ca908f7 100644 --- a/services/Exchanges.md +++ b/services/Exchanges.md @@ -8,4 +8,6 @@ The following exchanges are available: * New York (OpenVPN) - tombii - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) * Falkenstein/Hetzner (OpenVPN) - GRMML (Nurtic-Vibe) - [https://nl-zuid.dn42/](https://nl-zuid.dn42/) -The NL-Zuid website is also available from the public internet: https://nl-zuid.nl \ No newline at end of file +The NL-Zuid website is also available from the public internet: https://nl-zuid.nl + +Its generally recommended to only announce prefixes from your own network and that of your transit customers. \ No newline at end of file From 05e41f9eeeb5fc3b78888034f6cb6b9e92f6cb65 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Fri, 30 Dec 2016 19:59:56 +0100 Subject: [PATCH 31/53] Updated Hierarchical DNS (markdown) --- Hierarchical-DNS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Hierarchical-DNS.md b/Hierarchical-DNS.md index 69a4112..71eb9bc 100644 --- a/Hierarchical-DNS.md +++ b/Hierarchical-DNS.md @@ -32,7 +32,7 @@ For all of these servers they have a specific IP assigned, only respond to their **{{name}}.in-addr-servers.arpa** - This server is authoritative for "arpa", "in-addr", and each of the 172 zones for dn42 ip space. For non dn42 ip space NS records to the respective darknet would need to be registered. -**{{name}}.dn42-servers.arpa** - This server is authoritative for RFC 2317 delegations. For any inetnum object smaller than /24 and whos parent has no nameserver records, a C class parent zone is created (all its subnetworks are delegated to appropriate namservers with CNAME) +**{{name}}.dn42-servers.arpa** - This server is authoritative for RFC 2317 delegations. For any inetnum object smaller than /24 and whos parent has no nameserver records, a C class parent zone is created (all its subnetworks are delegated to appropriate nameservers with CNAME) Real-time server monitor is available at http://nixnodes.net/dn42/dnsview or http://nixnodes.dn42/dn42/dnsview/ From dd2e732e9f300da86e5f7ac59c6327017af58021 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sat, 31 Dec 2016 16:04:24 +0100 Subject: [PATCH 32/53] Updated Whois (markdown) --- services/Whois.md | 1 + 1 file changed, 1 insertion(+) diff --git a/services/Whois.md b/services/Whois.md index 31aaed9..bf4f0bf 100644 --- a/services/Whois.md +++ b/services/Whois.md @@ -141,6 +141,7 @@ Monotone is an distributed revision control system. Monotone tracks revisions to | Person | Address | Status | |----------|----------------------------------------|--------| | crest | mtn.crest.dn42 | UP | +| siska | mtn.nixnodes.net (mtn.nixnodes.dn42) | UP | | dracoling | dn42.smrsh.net (net.smrsh.dn42) | UP | | xuu | mtn.xuu.dn42 (172.22.141.181) | UP | | zorun | mtn.polyno.me / mtn.polynome.dn42 (172.23.184.71)| UP | From b666578d019d50be94ddabe61bf93ccc7e81d422 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sat, 31 Dec 2016 16:39:27 +0000 Subject: [PATCH 33/53] Updated Bird communities (markdown) --- howto/Bird-communities.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/howto/Bird-communities.md b/howto/Bird-communities.md index e2369d0..d06eeca 100644 --- a/howto/Bird-communities.md +++ b/howto/Bird-communities.md @@ -12,9 +12,15 @@ To properly assign the right community to your peer, please reference the table ## BGP community criteria ``` -(64511, 1) :: latency \in [0, 2.7ms] -(64511, 2) :: latency \in [2.7ms, 7.3ms] -(64511, 3) :: latency \in [7.3ms, 20ms] +(64511, 1) :: latency \in (0, 2.7ms] +(64511, 2) :: latency \in (2.7ms, 7.3ms] +(64511, 3) :: latency \in (7.3ms, 20ms] +(64511, 4) :: latency \in (20ms, 55ms] +(64511, 5) :: latency \in (55ms, 148ms] +(64511, 6) :: latency \in (148ms, 403ms] +(64511, 7) :: latency \in (403ms, 1097ms] +(64511, 8) :: latency \in (1097ms, 2981ms] +(64511, 9) :: latency > 2981ms (64511, x) :: latency \in [exp(x-1), exp(x)] ms (for x < 10) (64511, 21) :: bw >= 0.1mbit From 17acc508048e76d3dd6e27f41162b46a8e8a9b0d Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Tue, 10 Jan 2017 13:19:35 +0000 Subject: [PATCH 34/53] Updated openvpn (markdown) --- howto/openvpn.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/openvpn.md b/howto/openvpn.md index 5fc7522..1de82ba 100644 --- a/howto/openvpn.md +++ b/howto/openvpn.md @@ -26,7 +26,7 @@ comp-lzo persist-key persist-tun cipher aes-256-cbc -ifconfig-ipv6 <LOCAL_GATEWAY_IPV6> <LOCAL_GATEWAY_IPV6> +ifconfig-ipv6 <LOCAL_GATEWAY_IPV6> <REMOTE_GATEWAY_IPV6> ifconfig <LOCAL_GATEWAY_IP> <REMOTE_GATEWAY_IP> secret /etc/openvpn/<PEER_NAME>.key From b245a31c84415a901c818bfc95b6058c8945c10e Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 15 Jan 2017 08:22:04 +0000 Subject: [PATCH 35/53] Updated Looking Glasses (markdown) --- services/Looking-Glasses.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/Looking-Glasses.md b/services/Looking-Glasses.md index 1e8270b..1149277 100644 --- a/services/Looking-Glasses.md +++ b/services/Looking-Glasses.md @@ -30,6 +30,6 @@ Please sort by AS number. | 4242422342 | dn42: http://lg.gbe.dn42 <br> Semi-interactive (no traceroute, no ping) | UP | | 4242422700 | dn42: http://lg.gotroot.dn42 | UP | | 4242423827 | ext: https://sky.nullroute.eu.org/dn42/lg/ <br> dn42: http://lg.nullroute.dn42 | UP | -| 4242423905 | ext: https://vpn01.weiti.org/ulg/ <br> dn42: https://lg.weiti.dn42/ | UP | +| 4242423905 | ext: https://dn42-svc.weiti.org/ulg/ <br> dn42: https://lg.weiti.dn42/ | UP | | 4242423905 | ext: http://zeus.nowhere.ws/dn42/routes.cgi <br> dn42: http://zeus.nihilus.dn42/dn42/routes.cgi <br> Non-interactive (route listing only). | DOWN | | 4242423955 | dn42: http://lg.flo.dn42 | DOWN | \ No newline at end of file From 8dafa4eba161145903bdb1547c014300f025a53a Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 15 Jan 2017 08:23:52 +0000 Subject: [PATCH 36/53] Updated Internal Services (markdown) --- internal/Internal-Services.md | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index 1844a41..f4c83be 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -202,7 +202,6 @@ Also check [Repository Mirrors](/services/Repository-Mirrors) | http://ip.synhacx.dn42 | Basic "whatismyip" service ([description](http://synhacx.dn42/showmyip)) | | http://nixnodes.dn42/ip | Simple 'myip' service | | https://szf.dn42/ip (text) https://szf.dn42/ifconfig (html) | Another simple 'myip' service | -| https://weiti.dn42/cgi-bin/my-ip | Another 'myip' service | | https://git.dn42[.us] | Git Repository Hosting (Signup: email ssh pubkey to xuu@dn42.us) | | https://git.dn42[.us]/pubkeys/[username] | Get ssh public keys from Git Users of git.dn42. | | http://ngit.dn42 | | From 5b654fbe5e7f537417f1906126a8e5b167af6056 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 15 Jan 2017 08:24:36 +0000 Subject: [PATCH 37/53] Updated Internal Services (markdown) --- internal/Internal-Services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index f4c83be..24745ab 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -194,7 +194,7 @@ Also check [Repository Mirrors](/services/Repository-Mirrors) | http://nowhere.ws/dn42 | Some random stuff concerning dn42, packages for Debian, e.g. Quagga | |https://bin.dn42 | AES-encrypted pastebin-like service ([zerobin](https://github.com/sebsauvage/ZeroBin)) | | http://pastebin.trunet.dn42 | AES-encrypted pastebin-like ([zerobin](https://github.com/sebsauvage/ZeroBin)) | -| https://paste.weiti.dn42 | AES-encrypted pastebin-like ([zerobin]| +| https://paste.weiti.dn42 | AES-encrypted pastebin-like ([privatebin]| (https://github.com/sebsauvage/ZeroBin)) | | ~~http://zerobin.e-utp.dn42 | AES-encrypted pastebin-like, second one ([zerobin](https://github.com/sebsauvage/ZeroBin)) | ] | ~~https://szf.dn42/paste/~~(TLSNOTHAPPY 2016-11-26) | AES-encrypted pastebin-like, another one | From 303130c60e8afab7fb522185170f8ba781d686de Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 15 Jan 2017 08:28:52 +0000 Subject: [PATCH 38/53] Updated Whois (markdown) --- services/Whois.md | 1 + 1 file changed, 1 insertion(+) diff --git a/services/Whois.md b/services/Whois.md index bf4f0bf..e5443ca 100644 --- a/services/Whois.md +++ b/services/Whois.md @@ -150,6 +150,7 @@ Monotone is an distributed revision control system. Monotone tracks revisions to | hexa- | mtn.hexa.dn42 (172.23.42.130) | UP | | tombii | mtn.tombii.dn42 (172.22.102.133) | UP | | Mic92 | mtn.evenet.dn42 (172.23.75.6/fd42:4992:6a6d::6) | UP | +| weiti | mtn.weit.dn42 (172.20.175.251/fdf7:17d5:de49::251) | UP | ## Monotone branches From 1c41b3f365218138f909cf343b7dbba430d12747 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Sun, 15 Jan 2017 13:45:04 +0000 Subject: [PATCH 39/53] Updated Repository Mirrors (markdown) --- services/Repository-Mirrors.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/services/Repository-Mirrors.md b/services/Repository-Mirrors.md index 2681d27..c2586e6 100644 --- a/services/Repository-Mirrors.md +++ b/services/Repository-Mirrors.md @@ -4,24 +4,22 @@ There are some mirrors available in DN42. All mirrors are subdomains of "mirror. ## Debian -**http://debian.mirror.dn42** +**http://debian.mirrors.dn42** Hosted by: -* Basil * Trunet ## Ubuntu -**http://ubuntu.mirror.dn42** +**http://ubuntu.mirrors.dn42** -**http://archive.ubuntu.mirror.dn42** +**http://archive.ubuntu.mirrors.dn42** Hosted by: * Trunet -* Basil ## CentOS -**http://centos.mirror.dn42** +**http://centos.mirrors.dn42** Hosted by: * Trunet \ No newline at end of file From 008a42fc6f894993b3c0446afad4c2355ca551bd Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Sun, 15 Jan 2017 17:48:48 +0100 Subject: [PATCH 40/53] Updated Whois (markdown) --- services/Whois.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/Whois.md b/services/Whois.md index e5443ca..5ea3b1c 100644 --- a/services/Whois.md +++ b/services/Whois.md @@ -150,7 +150,7 @@ Monotone is an distributed revision control system. Monotone tracks revisions to | hexa- | mtn.hexa.dn42 (172.23.42.130) | UP | | tombii | mtn.tombii.dn42 (172.22.102.133) | UP | | Mic92 | mtn.evenet.dn42 (172.23.75.6/fd42:4992:6a6d::6) | UP | -| weiti | mtn.weit.dn42 (172.20.175.251/fdf7:17d5:de49::251) | UP | +| weiti | mtn.weiti.dn42 (172.20.175.251/fdf7:17d5:de49::251) | UP | ## Monotone branches From 0fd2bd45d906be9ded9c78fc362a6402198f30de Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Wed, 25 Jan 2017 23:58:30 +0100 Subject: [PATCH 41/53] Updated Distributed Wiki (markdown) --- services/Distributed-Wiki.md | 1 - 1 file changed, 1 deletion(-) diff --git a/services/Distributed-Wiki.md b/services/Distributed-Wiki.md index 289f1a4..5515a4a 100644 --- a/services/Distributed-Wiki.md +++ b/services/Distributed-Wiki.md @@ -47,7 +47,6 @@ GIT=/usr/bin/git cd "${WIKI_PATH}" ${GIT} push -sleep 1 ${GIT} pull exit 0 From 4276b8b670eeafcdfa806582a6151cfdc49065aa Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 26 Jan 2017 00:00:24 +0100 Subject: [PATCH 42/53] Updated Distributed Wiki (markdown) --- services/Distributed-Wiki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/Distributed-Wiki.md b/services/Distributed-Wiki.md index 5515a4a..8084127 100644 --- a/services/Distributed-Wiki.md +++ b/services/Distributed-Wiki.md @@ -78,7 +78,7 @@ RACK_ENV=production gollum --css <path>/custom.css --gollum-path <path> --host 1 #### SSL - - Setup your MNTNR according to [Automatic CA](https://internal.dn42/services/Automatic-CA) + - Setup your maintainer object according to [Automatic CA](https://internal.dn42/services/Automatic-CA) - Generate a [CSR](/services/Certificate-Authority) and send DNS Key Pin to [xuu@sour.is](mailto:xuu@sour.is): ``` From f1c461cb908712f26e0801494aac72fcf5601b59 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 26 Jan 2017 00:04:13 +0100 Subject: [PATCH 43/53] Updated Distributed Wiki (markdown) --- services/Distributed-Wiki.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/Distributed-Wiki.md b/services/Distributed-Wiki.md index 8084127..44280d4 100644 --- a/services/Distributed-Wiki.md +++ b/services/Distributed-Wiki.md @@ -19,7 +19,7 @@ The local webserver is monitored with a simple [[shell script|Distributed-Wiki#e ## Network - - Install wiki anycast IP address `172.23.0.80/32` on the system + - Install wiki anycast IP addresses `172.23.0.80/32` and `fd42:d42:d42:80::1/64` on the system - Assign a unicast IP address to be used by Nginx - Establish connectivity to the dn42 network @@ -74,7 +74,7 @@ RACK_ENV=production gollum --css <path>/custom.css --gollum-path <path> --host 1 Set `<path>` to the location where wiki Git repo was cloned. -## Nginx proxy +## Nginx reverse proxy #### SSL From e5f5091946913008c226a69d5374e532db9bef29 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 26 Jan 2017 00:11:57 +0100 Subject: [PATCH 44/53] Updated Distributed Wiki (markdown) --- services/Distributed-Wiki.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/services/Distributed-Wiki.md b/services/Distributed-Wiki.md index 44280d4..c585e04 100644 --- a/services/Distributed-Wiki.md +++ b/services/Distributed-Wiki.md @@ -148,8 +148,8 @@ server { listen 172.23.0.80:80 default; listen [fd42:d42:d42:80::1]:80 default; - listen 80; - listen [::]:80; + listen <unicast ipv4> 80; + listen [<unicast ipv6>]:80; add_header X-SiteID '<aut-num>-<cc>'; @@ -166,8 +166,8 @@ server { listen 172.23.0.80:443 ssl default; listen [fd42:d42:d42:80::1]:443 ssl default; - listen 443 ssl; - listen [::]:443 ssl; + listen <unicast ipv4> 443 ssl; + listen [<unicast ipv6>]:443 ssl; ssl on; ssl_certificate <path>/ssl.crt; From 66f9d53d87a6337da888d001a09e851ac591687a Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 26 Jan 2017 00:13:07 +0100 Subject: [PATCH 45/53] Updated Distributed Wiki (markdown) --- services/Distributed-Wiki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/Distributed-Wiki.md b/services/Distributed-Wiki.md index c585e04..9fcb41f 100644 --- a/services/Distributed-Wiki.md +++ b/services/Distributed-Wiki.md @@ -213,7 +213,7 @@ group gollum-watchdog { ## (example ipv6) peer with one of our iBGP speakers: neighbor fd42:4992:6a6d::1 { - router-id 172.22.0.80; + router-id 172.23.0.80; local-address fd42:4992:6a6d::2; local-as 123456; peer-as 123456; From 7bec5b9499c1c1918a62a2cf6f66d2e350f4c94e Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 26 Jan 2017 04:43:21 +0100 Subject: [PATCH 46/53] Updated DNS (markdown) --- services/DNS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/DNS.md b/services/DNS.md index f427507..a5a0e1f 100644 --- a/services/DNS.md +++ b/services/DNS.md @@ -1,4 +1,4 @@ -# DNS +# DNS (DEPRECATED) **The new anycast resolver for `.dn42` runs on `172.23.0.53` and `fd42:d42:d42:53::1`. Please see [[Hierarchical DNS]] for more information.** **The information below is outdated.** From edfa4fcf2608bf2ae7fb52d7c4e46f0cef6bed44 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Mon, 30 Jan 2017 20:02:37 +0100 Subject: [PATCH 47/53] Updated Bird communities (markdown) --- howto/Bird-communities.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/Bird-communities.md b/howto/Bird-communities.md index d06eeca..e0e8afb 100644 --- a/howto/Bird-communities.md +++ b/howto/Bird-communities.md @@ -42,7 +42,7 @@ Propagation: ``` For example, if your peer is 12ms away and the link speed between you is 250Mbit/s and you are peering using OpenVPN P2P, then the community string would be (3, 24, 33). -You might want to use this [script](https://github.com/Mic92/bird-dn42/blob/master/bgp-community.rb) to measure round trip time and calculate community values automatically: +Two utilites which measure round trip time and calculate community values automatically are provided, written in [ruby](https://github.com/Mic92/bird-dn42/blob/master/bgp-community.rb) and [C](https://github.com/nixnodes/bird/blob/master/misc/dn42-comgen.c). ``` $ ruby bgp-community.rb --help From a3fc64e7da749a7f1736f1527d11914f16847fc3 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Tue, 31 Jan 2017 19:24:57 +0100 Subject: [PATCH 48/53] Updated Internal Services (markdown) --- internal/Internal-Services.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index 24745ab..f0cc8ea 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -115,7 +115,12 @@ https://rest.dn42/ ``` ### Direct Connect -An [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Connect) Hub is being run at `hub.dcpp.dn42:2780`. Choose a [client](https://en.wikipedia.org/wiki/Comparison_of_ADC_software#Client_software) and connect to exchange files. +Some [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Connect) Hubs are being run at `hub.dcpp.dn42:2780`. Choose a [client](https://en.wikipedia.org/wiki/Comparison_of_ADC_software#Client_software) and connect to exchange files. + +| Address | +|:-----------------------| +| hub.dcpp.dn42:2780 | +| dcpp.grmml.dn42:4111 | ### FTP / HTTP From 419a60019c264aad8613041aa251350dc9333889 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 1 Feb 2017 14:17:56 +0000 Subject: [PATCH 49/53] Updated openvpn (markdown) --- howto/openvpn.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/howto/openvpn.md b/howto/openvpn.md index 1de82ba..27fced0 100644 --- a/howto/openvpn.md +++ b/howto/openvpn.md @@ -60,7 +60,7 @@ cipher aes-256-cbc resolv-retry infinite float port <LOCAL_PORT> -ifconfig-ipv6 <LOCAL_GATEWAY_IPV6> <LOCAL_GATEWAY_IPV6> +ifconfig-ipv6 <LOCAL_GATEWAY_IPV6> <REMOTE_GATEWAY_IPV6> ifconfig <LOCAL_GATEWAY_IP> <REMOTE_GATEWAY_IP> secret /etc/openvpn/<PEER_NAME>.key ``` From 535be0283ef3e97b05ed5b8100fe967c19696205 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 1 Feb 2017 14:22:28 +0000 Subject: [PATCH 50/53] Updated openvpn (markdown) --- howto/openvpn.md | 1 - 1 file changed, 1 deletion(-) diff --git a/howto/openvpn.md b/howto/openvpn.md index 27fced0..5e86915 100644 --- a/howto/openvpn.md +++ b/howto/openvpn.md @@ -73,7 +73,6 @@ secret /etc/openvpn/<PEER_NAME>.key * `<REMOTE_PORT>` is openvpn port, where your peer listen for traffic ``` -daemon proto <PROTO> mode p2p remote <REMOTE_HOST> From 71384238f78cd5d7a6ae3adc89b505743f454830 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 1 Feb 2017 22:38:41 +0000 Subject: [PATCH 51/53] Updated Debian Packaging remarks --- howto/Bird.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/howto/Bird.md b/howto/Bird.md index f660651..c3f879e 100644 --- a/howto/Bird.md +++ b/howto/Bird.md @@ -3,7 +3,10 @@ Compared to quagga, bird supports multiple routing tables, which is useful, if y want to learn the practical details behind routing protocols in bird, see the following [guide](https://github.com/knorrie/network-examples) # Debian -The version in the Debian repositories might be quite old, therefore it makes sense to install a newer one directly from bird: +In the Debian release cycle the bird packages may become outdated at times, if that is the case you should use the official bird package repository maintained by the developers of nic.cz. + +This is not necessary for Debian Stretch, which currently ships the most recent version (1.6.3) in this repositories. + ```sh wget -O - http://bird.network.cz/debian/apt.key | apt-key add - apt-get install lsb-release @@ -11,7 +14,6 @@ echo "deb http://bird.network.cz/debian/ $(lsb_release -sc) main" > /etc/apt/sou apt-get update apt-get install bird ``` -In case you are running Debian Jessie and this is not working for you, try replacing jessie with wheezy in the /etc/apt/sources.list.d/bird.list. # Example configuration From 8dc9c06528579205e902210a6257399360c59fe2 Mon Sep 17 00:00:00 2001 From: Mic92 <joerg@higgsboson.tk> Date: Wed, 1 Feb 2017 22:53:03 +0000 Subject: [PATCH 52/53] Simplify valid networks, we don't route public ip space, it's not working properly! --- howto/Bird.md | 137 +++++--------------------------------------------- 1 file changed, 12 insertions(+), 125 deletions(-) diff --git a/howto/Bird.md b/howto/Bird.md index c3f879e..3c8f5a2 100644 --- a/howto/Bird.md +++ b/howto/Bird.md @@ -108,91 +108,12 @@ define OWNIP = <GATEWAY_IP>; function is_self_net() { return net ~ [<SUBNET>+]; } -``` -Generate the filter list from the monotone repository - -``` -$ cd net.dn42.registry -$ ruby utils/bgp-filter.rb --format bird < data/filter6.txt > /etc/bird/filter6.conf - -or - -$ curl -s https://ca.dn42.us/reg/filter6.txt | \ - awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' | \ - awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \ - NR > 1 {printf ",\n"} {printf " %s", $1} - END {printf "\n ];\n}\n"}' > /etc/bird/filter6.conf -``` - -example filter list: - -``` function is_valid_network() { return net ~ [ - fc00::/8{48,64}, # ULA (undefined) - fd00::/8{48,64}, # ULA (defined) - 2001:67c:20c1::/48{48,48}, # E-UTP IPv6 - 2001:bf7::/32{32,128}, # Freifunk (Foerderverein Freie Netzwerke) IPv6 Range - 2001:67c:20a1::/48{48,48}, # CCC Event Network - 2001:0470:006c:01d5::/64{64,64}, # Registered IANA - 2001:0470:006d:0655::/64{64,64}, - 2001:0470:1f09:172d::/64{64,64}, - 2001:0470:1f0b:0592::/64{64,64}, - 2001:0470:1f0b:0bca::/64{64,64}, - 2001:0470:1f0b:1af5::/64{64,64}, - 2001:0470:1f10:0275::/64{64,64}, - 2001:0470:1f12:0004::/64{64,64}, - 2001:0470:5084::/48{48,64}, - 2001:0470:51c6::/48{48,64}, - 2001:0470:73d3::/48{48,64}, - 2001:0470:7972::/48{48,64}, - 2001:0470:9949::/48{48,64}, - 2001:0470:99fc::/48{48,64}, - 2001:0470:9af8::/48{48,64}, - 2001:0470:9ce6::/55{55,64}, - 2001:0470:9f43::/48{48,64}, - 2001:0470:caab::/48{48,64}, - 2001:0470:cd99::/48{48,64}, - 2001:0470:d4df::/48{48,64}, - 2001:0470:d889:0010::/64{64,64}, - 2001:0470:e3f0:000a::/64{64,64}, - 2001:067c:21ec::/48{48,64}, - 2001:06f8:1019:0000::/64{64,64}, - 2001:06f8:118b::/48{48,64}, - 2001:06f8:1194::/48{48,64}, - 2001:06f8:121a::/48{48,64}, - 2001:06f8:1c1b::/48{48,64}, - 2001:06f8:1d14::/48{48,64}, - 2001:06f8:1d26::/48{48,64}, - 2001:06f8:1d53::/48{48,64}, - 2001:07f0:3003::/48{48,64}, - 2001:08d8:0081:05c8::/63{63,64}, - 2001:08d8:0081:05ca::/64{64,64}, - 2001:15c0:1000:0100::/64{64,64}, - 2001:1b60:1000:0001::/64{64,64}, - 2001:41d0:0001:b6bb::/64{64,64}, - 2001:41d0:0001:cd42::/64{64,64}, - 2001:4dd0:fcff::/48{48,64}, - 2001:4dd0:fdd3::/48{48,64}, - 2001:4dd0:ff00:8710::/64{64,64}, - 2604:8800:0179:4200::/56{56,64}, - 2801:0000:80:8000::/50{50,64}, - 2a00:1328:e101:0200::/56{56,64}, - 2a00:1828:2000:0289::/64{64,64}, - 2a00:1828:a013:d242::/64{64,64}, - 2a00:5540:0387::/48{48,64}, - 2a01:0198:022c::/48{48,64}, - 2a01:0198:035a:fd13::/64{64,64}, - 2a01:0198:0485::/48{48,64}, - 2a01:04f8:0121:4fff::/64{64,64}, - 2a01:04f8:0140:1ffd::/64{64,64}, - 2a01:04f8:0d13:17c0::/64{64,64}, - 2a02:0a00:e010:3c00::/56{56,64}, - 2a02:0ee0:0002:0051::/64{64,64}, - 2a03:2260::/30{30,64} - ]; -} + 'fd00::/8' # ULA address space as per RFC 4193 + ] +} ``` ``` @@ -297,52 +218,18 @@ define OWNIP = <GATEWAY_IP>; function is_self_net() { return net ~ [<SUBNET>+]; } -``` -Generate the filter list from the monotone repository - -``` -$ cd net.dn42.registry -$ ruby utils/bgp-filter.rb --format bird < data/filter.txt > /var/lib/bird/filter4.conf - -or - -$ curl -s https://ca.dn42.us/reg/filter.txt | \ - awk '/^[0-9]/ && $2 ~ /permit/ {printf "%s{%s,%s}\n", $3, $4, $5}' | \ - awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n"} \ - NR > 1 {printf ",\n"} {printf " %s", $1} - END {printf "\n ];\n}\n"}' > /var/lib/bird/filter4.conf -``` - -example filter list: - -``` function is_valid_network() { return net ~ [ - 172.20.0.0/14{21,29}, # dn42 main net - 172.20.0.0/24{28,32}, # dn42 Anycast range - 172.21.0.0/24{28,32}, # dn42 Anycast range - 172.22.0.0/24{28,32}, # dn42 Anycast range - 172.23.0.0/24{28,32}, # dn42 Anycast range - 192.175.48.0/24{24,32}, # AS112-prefix for reverse-dns - 10.0.0.0/8{12,28}, # freifunk/chaosvpn - 172.31.0.0/16{22,28}, # chaosvpn - 100.64.0.0/10{12,28}, # iana private range - 195.160.168.0/23{23,28}, # ctdo - 91.204.4.0/22{22,28}, # free.de via ctdo - 193.43.220.0/23{23,28}, # durchdieluft via ctdo - 83.133.178.0/23{23,28}, # muccc kapsel - 87.106.29.254/32{32,32}, # wintix (please don' announce /32) - 85.25.246.16/28{28,32}, # leon - 46.4.248.192/27{27,32}, # welterde - 94.45.224.0/19{19,28}, # ccc event network - 151.217.0.0/16{16,28}, # ccc event network 2 - 195.191.196.0/23{23,29}, # ichdasich pi space - 80.244.241.224/27{27,32}, # jchome service network - 188.40.34.241/32{32,32}, - 37.1.89.192/26{26,28}, # siska - 87.98.246.19/32{32,32} - ]; + 172.20.0.0/14{21,29}, # dn42 + 172.20.0.0/24{28,32}, # dn42 Anycast + 172.21.0.0/24{28,32}, # dn42 Anycast + 172.22.0.0/24{28,32}, # dn42 Anycast + 172.23.0.0/24{28,32}, # dn42 Anycast + 172.31.0.0/16+, # ChaosVPN + 10.100.0.0/14+, # ChaosVPN + 10.0.0.0/8{15,22} # Freifunk.net + ] } ``` From 36ef737305c9de090ee456a8bb5643ea8c8f2093 Mon Sep 17 00:00:00 2001 From: siska <siska@nixnodes.net> Date: Thu, 2 Feb 2017 18:27:03 +0100 Subject: [PATCH 53/53] Updated Internal Services (markdown) --- internal/Internal-Services.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/internal/Internal-Services.md b/internal/Internal-Services.md index f0cc8ea..1927d26 100644 --- a/internal/Internal-Services.md +++ b/internal/Internal-Services.md @@ -128,14 +128,15 @@ Some [Advanced Direct Connect](https://en.wikipedia.org/wiki/Advanced_Direct_Con | Hostname / IP | Space | Speed | Remarks | |:----------------------------------------------------------- |:----- |:----------- |:---------------------------------------------- | -| http://172.22.92.2 | | ~60kbps | mostly up | +| http://172.22.92.2 | | ~60kbps | mostly up | | http://seafile.dn42 | | | Opensource Dropbox, yay! | | http://files.feuerrot.dn42 | 6TB | 1Gbit | http, ftp, nfs, rsync | | sftp://anonsftp:Iich0zieC3retaid@files.crest.dn42:2212/ | 12TB | 1Gb/s | incoming writable | | http://files.martin89.dn42/ | | max 2Mbit/s | download only | -| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 | | -| http://storage.hq.c3d2.de:8080/rpool | | 2.4Mbit/s | download only webdav:k-ot| +| http://filer.mhm.dn42 | 4TB | 1GBit | 24/7/365 | +| http://storage.hq.c3d2.de:8080/rpool | | 2.4Mbit/s | download only webdav:k-ot | | ftp://nas.jan.dn42/ | 6TB | 10 Mbit/s | anonymous read/write | +| http://storage.hb.jplitza.de | 6TB | 10 Mbit/s | http, rsync, download only | ### Torrent Tracker