Wxcafé (Clément Hertling)
2 years ago
1 changed files
@@ -0,0 +1,71 @@
Title: doing "real networking" on dn42
So if you're interested in learning about internet-scale networking and
experimenting with BGP and stuff on "real" networks, you have two basic options.
The first one, of course, is to register with a LIR to get an AS number, an IPv4
prefix, and an IPv6 prefix, then rent 1U in a DC nearby and put a server there,
and then get a cross-connect to your local IXP to start peering with people.
The problem with this, obviously, is that it's gonna cost you:
- for the ASN and the IPv4/IPv6 prefixes
- for the DC space
- for the cross-connect
- for the IXP port
so potentially, quite a lot of money, and quite a lot of time to get started
too. The upside is that you'll be a real organization on the real internet, and
that you'll contribute to the IPv4 shortage, which is pretty good (it's also
probably quite a good investment? I guess. Don't register an AS just for that
The other one is to get multiple routers (or servers) and have them on a switch,
and then build multiple networks with them using private addresses and ASN. This
works fine as long as you're just experimenting, but it's a little limited,
a lot more work (since you have to setup multiple ASNs and routers etc), and not
as fun at all.
So both of these aren't great to use. There must be a better solution, some way
to run production networks with other network operators without spending a lot
of money, some way to use real IP addresses and AS numbers without disrupting
the existing net.
Well, rejoice, neighbor, because there is! And it's really simple too, honestly.
It's... an overlay network! The concept is simple: instead of using real
connections between the different networks, you use a VPN that acts functionally
the same way, over the public internet. Then, you use IP addresses from an
[RFC1918](https://tools.ietf.org/html/rfc1918) range, private ASNs, and private
v6 addresses, and start doing BGP with other users of the overlay network. It
has the advantage of costing next to nothing (you only need a VM to have it
run) and actually working with other network operators. The only downside is
that you're not on the actual internet, which isn't that much of a downside for
experimenting with these kind of tech.
There are a few overlay networks, some of them connected with one another, some
private, and you can even start one with your friends (it's not that useful, but
you can at least use it as an encrypted, hidden communications channel,
I guess). But the one I use (and, consequently, the one I'm suggesting you
should be using) is [dn42](https://dn42.org).
My setup is very simple: I got a VPS from [vultr](https://vultr.com), installed
OpenBSD on it (you can upload ISOs to vultr to do your install manually), and
from then installed all required tools to work on the system (vim, git, zsh,
...) and a few VPN tools (OpenVPN, tinc, ...). I went on the dn42 irc channel
and said I was looking for peers, and started talking to the first person who
answered, who also was looking for their first peer. I'm running OpenBGPd and
they're using Bird on Linux, so the process of getting our sessions (v4 and v6)
up and running took a bit of time, and once it started working they leaked all
their prefixes to me (which was swiftly corrected with filters and maxprefs 😁)
Anyway, I encourage you to try it if you're interested in networks, come talk to
me on mastodon or twitter (or IRC) if you want some more details, some info to
get started, or to peer with me! My ASN is `4242421441`, and you can find more
info on there https://registry.dn42.us/registry/aut-num/AS4242421441 by clicking
on the 🗺️ (map) icon
Hoping to peer with you soon!
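Review bot: the parenthesis opened at "(it's also probably quite a good investment?" in the first-option paragraph is never closed, and "Don't register an AS just for that" runs straight into "The other one is to get multiple routers" with no terminator or paragraph break, so the two options read as one block; close the parenthesis, end the sentence, and separate the paragraphs. The registry link in the closing paragraph is a bare URL while the RFC1918, dn42 and vultr links use `[text](url)`, and the sentence ending "(map) icon" has no full stop. In the setup paragraph, the prefix leak is described as fixed afterwards "with filters and maxprefs"; since readers will follow this as a how-to, consider saying that the filters and max-prefix limits should be configured before the first session is brought up.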