dn42 peering
I will peer with any other network with a point of presence in the same city area as one of mine. Additionally, I may accept fake "customers" from anywhere.
| Location | Hosting provider | Notes |
|---|---|---|
| Helsinki | Hetzner | Other Hetzner Europe locations may also be accepted, due to unlimited internal traffic |
| Stockholm | Hosthatch | I have two redundant nodes with roughly equal network performance |
| Zurich | Hosthatch | |
| Nuremberg/Nürnberg | Netcup | |
| Chicago | Hosthatch | I have two nodes here but they are not a redundant pair. Only one is used for peering. |
| London | OVH | |
| Montreal | OVH | |
| Sydney | OVH |
A link from Helsinki to a peering partner in Frankfurt is currently grandfathered in.
Requirements
For general information, see the Getting Started page on the dn42 wiki. You should have an idea how DN42 works before asking for peering.Most requirements are flexible, since I set up each peer individually and interactively, not through an automated process.
- You need at least an ASN registered in the dn42 registry.
- First: VPN.
For Wireguard, exchange endpoint IP address and public key.
I use a random PresharedKey as standard, since it provides a little DoS mitigation and quantum resistance and costs nothing.
Outside protocol can be IPv4 or IPv6. You can have a dynamic address or be behind NAT. Currently all nodes have IPv4 addresses. - Inside the tunnel: IPv6 is required.
- MP-BGP with extended next-hop is recommended. Otherwise the peering will be IPv6-only - it won't carry IPv4 traffic.
- My AS number is 4242421855. My BGP address is fe80::1855 (link-local) in most tunnels.
- This is a toy network. All "services" are "provided" non-commercially and without any liability or guarantee.
- If you expect to transfer 1000 GB/month or more please inform me when making the connection. This would be unusual for dn42 at the moment, but it's possible. Just inform me so I can make sure there's enough capacity.
Connecting as a "customer"
I may accept (fake) "customers" from anywhere, without regard to location. This hasn't happened yet.- There is no location limitation.
- The same process is followed to make a VPN tunnel.
- BGP is optional. BGP is not required for data transfer. If you want to peer BGP, the same rules apply as for a full peering.
- If you don't have addresses in the dn42 registry, I can give you an IPv6 address block (/64 by default, up to /61 with justification) and have a small number of IPv4 addresses to give out.
A common misconception is that you can't subnet smaller than /64. You can, but you can't use SLAAC, which essentially means setting a static address on each device. You'll learn more this way, so no excuses. - No connections to anonymous people - you're in the dn42 registry, or you're someone I know in real life, or on IRC, or you're affiliated with some hackerspace, or Chaos Computer Club, or some open source project, or something like that.
- I will configure my end so that this route is only used to access your network, and not any other networks you might advertise with BGP.