Initial commit

content/_index.md

@@ -0,0 +1,27 @@
+---
+title: bluemedia.dn42
+draft: false
+---
+
+#### An experiment in global routing.
+
+----------------
+<div align="left">
+
+### About
+bluemedia.dn42 (AS4242423343) is my personal experimental network within <a href="https://dn42.dev" target="_blank">DN42</a>. The network is well connected with others and is currently mainly present in Germany.
+
+### Topology
+
+The bluemedia.dn42 network currently consists of two public and one internal node. All nodes within the network form a full mesh using wireguard tunnels. iBGP is used as the interior gateway protocol. Services such as DNS and websites are hosted centrally behind the internal node.
+
+### Techstack
+
+The following tools and programs are used to run the bluemedia.dn42 network and core services:
+- <a href="https://www.debian.org/" target="_blank">Debian 10</a> - OS used on all host systems
+- <a href="https://bird.network.cz/" target="_blank">bird2</a> - Routing daemon used on all nodes
+- <a href="https://www.wireguard.com/" target="_blank">WireGuard</a> - VPN protocol used to connect all nodes
+- <a href="https://www.isc.org/bind/" target="_blank">BIND 9</a> - Authoritative DNS server for forward and reverse zones
+- <a href="https://nlnetlabs.nl/projects/unbound/" target="_blank">Unbound</a> - Recursive DNS resolver
+
+</div>

content/changelog/new-homepage.md

@@ -0,0 +1,10 @@
+---
+date: "2021-05-29"
+tags: ["web", "informational"]
+title: "New homepage"
+---
+
+I have finally done it and built a homepage for my DN42 network!
+
+You can reach it in the internet under <a href="https://dn42.bluemedia.dev">dn42.bluemedia.dev</a> and in DN42 under <a href="http://bluemedia.dn42">bluemedia.dn42</a>.  
+In the future I will document information about changes to my infrastructure in the changelog. My Looking Glass is also embedded in the page.

content/ipam.md

@@ -0,0 +1,41 @@
+---
+title: IPAM
+draft: false
+---
+
+This page contains information about the prefixes announced by bluemedia.dn42 and their purpose.
+
+bluemedia.dn42 announces the folloing prefixes:
+- fd75:eca7:b62a::/48
+- 172.22.167.80/28
+
+### bluemedia.dn42 Services
+
+{{< bootstrap-table "table table-striped table-bordered" >}}
+|DNS|IPv4|IPv6|Comment|
+|---|----|----|-------|
+|ns1.bluemedia.dn42|172.22.167.90|fd75:eca7:b62a:40::53|Authoritative name server|
+|resolver.bluemedia.dn42|172.22.167.91|fd75:eca7:b62a:40::54|Recursive DNS resolver|
+|web1.bluemedia.dn42|172.22.167.92|fd75:eca7:b62a:40::80|Web server|
+{{< /bootstrap-table >}}
+
+### bluemedia.dn42 Nodes (DN42 addressing)
+
+{{< bootstrap-table "table table-striped table-bordered" >}}
+|DNS|IPv4|IPv6|Comment|
+|---|----|----|-------|
+|de-fsn01.bluemedia.dn42|172.22.167.81|fd75:eca7:b62a:10::1|Hetzner Online, Falkenstein, Germany|
+|de-fra01.bluemedia.dn42|172.22.167.82|fd75:eca7:b62a:20::1|Oracle Cloud, Frankfurt am Main, Germany|
+|de-kkb01.bluemedia.dn42|172.22.167.89|fd75:eca7:b62a:40::1|Internal node|
+{{< /bootstrap-table >}}
+
+### bluemedia.dn42 Nodes (Internet addressing)
+
+{{< bootstrap-table "table table-striped table-bordered" >}}
+|DNS|IPv4|IPv6|Comment|
+|---|----|----|-------|
+|de-fsn01.dn42.bluemedia.dev|157.90.153.123|2a01:4f8:1c17:6d31::1|Hetzner Online, Falkenstein, Germany|
+|de-fra01.dn42.bluemedia.dev|tba|tba|Coming soon|
+|de-kkb01.dn42.bluemedia.dev|(dynamic)|(dynamic)|Internal node|
+{{< /bootstrap-table >}}
+

content/lg.md

@@ -0,0 +1,6 @@
+---
+title: Looking Glass
+draft: false
+---
+
+<iframe height="790px" width="100%" frameBorder="0" src="https://dn42-lg.traber-info.de/" seamless></iframe>

content/peering.md

@@ -0,0 +1,46 @@
+---
+title: Peering
+draft: false
+---
+
+This page will provide you some information if you want to peer with the bluemedia.dn42 network. New peers are always welcome.
+
+*However, please make sure you have read the information below before sending a peering request.*
+
+### Peering Requests
+
+Please email [dn42@bluemedia.dev](mailto:dn42@bluemedia.dev) for new peering requests or if you want to change existing peerings.
+
+### Requirements
+
+If you want to peer with me, you must meet the following requirements:
+ - You are able to connect via wireguard.
+ - Your network supports IPv6.
+ - You implement ROA checks against the DN42 registry.
+ - Your contact information in the registry is to be up to date. I expect you to respond to contact requests within a reasonable amount of time.
+
+### Required Information
+
+At a minimum, I need the following information from you to configure a peering session:
+ - Name of the bluemedia.dn42 node you want to peer with - see [IPAM](/ipam/) for an up to date list
+   - Peering in multiple locations is possible
+ - Your ASN
+ - Public address / domain name of your host
+ - Tunnel and BGP parameters, e.g.
+   - Port number for wireguard
+   - Public key for wireguard
+   - IP addresses of your tunnel endpoint
+     - This will be a single IPv4 /32 and Link-Local IPv6 address in most cases
+
+All peering sessions will be configured as full transit sessions.
+
+### Additional information
+
+#### Route Filtering
+
+My network applies strict Route Origin Authorization (ROA) filtering on all imported and exported routes. Any advertised route that does not have a corresponding route{,6} object in the DN42 registry will be dropped.
+
+#### Reachability Testing an Debugging
+
+I have a <a href="/lg">looking glass</a> that you can use to check your routing configuration.  
+Looking glasses are important if you want to understand how your routes are distributed in the DN42 network. So it's best to learn how to use them right away.