I'm starting to provide Chinese / English versions of some posts, switch with the Language menu above. 我开始提供部分文章的中文、英文翻译,请使用顶部语言菜单切换。

Posts with tag BGP

DN42 Experimental Network: Intro and Registration (Updated 2021-05-02)

DN42, aka Decentralized Network 42, is a large, decentralized VPN-based network. But unlike other traditional VPNs, DN42 itself doesn't provide any VPN exits, which means it doesn't allow you to bypass Internet censorships or unlock streaming services. On the contrary, the goal of DN42 is to simulate another Internet. It uses much of the technology running on modern Internet backbones (BGP, recursive DNS, etc), and is a great replica of a real network environment.In short, DN42 is:NOT suitable for users only seeking privacy protection or bypassing censorshipNOT suitable for users consuming large amounts of bandwidth/data, such as for unlocking streaming servicesIS suitable for users learning about networking, practicing configuration of servers and routers,...
Illustration

How to Kill the DN42 Network (Updated 2020-08-28)

DN42 is an experimental network, where everyone helps everyone. Nobody is going to blame you if you screwed up. You may seek help at DN42's IRC channel, mailing list or the unofficial Telegram group.Since DN42 is a network for experimentation, a lot of relatively inexperienced users also participate in it. Therefore, occasionally an inexperienced user may misconfigure his/her system and impact the whole DN42 network, or even shut it down.As a more experienced user, here I will teach new users about some operations that can kill the network, and about defense against such misconfigurations that everyone can set up against peers.WARNING: You should not actually perform these operations in DN42. You should focus more on protecting yourself against them....

Configure BGP Confederation & Fake Confederation in Bird (Updated 2020-06-07)

Changelog ¶2020-10-01: Add warning to not filter private ASNs within internal network2020-06-07: Add limitations of Bird confederation, and a way to simulate confederation2020-05-17: Initial versionComparison of BGP Interconnection Schemes within an ISP ¶Most ISPs, or Internet Service Providers, use BGP protocol to exchange their route information. Each ISP will obtain an ASN (Autonomous System Number) from the regional NIC (Network Information Center, e.g. APNIC, RIPE), for example China Telecom's ASN is 4134. Then, ISPs connect their boundary routers via physical links (copper line, fiber, satellite link, etc), and configure BGP protocol on the boundary routers, so they will tell the other part that: "I'm AS4134, and I can provide access to the IP block of 202.101.0.0/18"....

Running Anycast DNS with Docker in DN42

2020-03-16 Notes ¶There is an updated scheme compared to this post, see Sharing Network Namespace Among Docker Containers for Bird Anycasting.It is suggested to read only the concept explanations in this post, and use the above scheme instead for deployment.What's Anycast ¶The commonly used routing protocol on Internet, the BGP, works like this:I own an IP range, 172.22.76.104/29, on DN42.With a BGP software like BIRD, I "announce" that my server has access to IP range 172.22.76.104/29.Servers with peering to me will record this message: "Over this path, I can access 172.22.76.104/29 which is 1 step away."These servers continue to announce to others with peering to them: "This server is 1 step away from the source of 172.22.76.104/29."Similarly, other servers announce that they are 2, 3,...