alt

UsmanNet 2022 - An Overview of my Network

Network Infrastructure Breakdown: My network mainly consists of two Ubiquiti EdgeRouter Xs, two Cisco Catalyst switches, and a VyOS cloud VPS. WireGuard is used as the VPN tunneling protocol, to connect the Edgerouters and the Vyos VPS. I participate in the DN42 BGP project. BGP is used on edge.dn42.lan, to connect to the BGP upstream & downstream peers, providing access to the DN42 private network. OSPF is used between erx....

28 July, 2022 · 2 min · Usman
alt

DN42 Part 3: BGP ROA/RPKI Filtering using Docker

What is ROA/RPKI? Route Origin Authentication (ROA) - is a way to verify whether an IP prefix advertised, is actually owned by the Autonomous System (AS) that advertised it. Resource Public Key Infrastructure (RPKI) - is a protocol that facilitates the exchange of ROA and other related information between ASes. How does ROA/RPKI work? Essentially, there are central databases which contain a list of all ASes and the IP prefixes that they are allowed to advertise....

19 July, 2022 · 3 min · Usman
alt

Hurricane Electric IPv6 Tunnel Broker On a Ubiquiti EdgeRouter

What is Tunnel Broker? Tunnel Broker (provided by Hurricane Electric) is a service that allows users to connect the IPv6 internet, over IPv4. How it works It essentially works by establishing a GRE tunnel to one of Hurricane Electric’s PoPs, via the IPv4 internet, and then running IPv6 ranges over it. Why Tunnel Broker? Accessibility I decided to setup Tunnel Broker, as my ISP doesn’t support IPv6. This would allow access to IPv6-only services on the internet....

11 March, 2022 · 7 min · Usman
alt

DN42 Part 2: Conecting an AWS VPS to DN42, using iBGP and WireGuard.

I recently connected to the DN42 BGP mesh, a big network which employs WAN technologies to create an internet like mesh. Read my first most for more info on DN42. In this post, I’ll go over how I: Provisioned an AWS Linux VPS. Created a WireGuard Site2Site VPN Connection between my Ubiquiti EdgeRouter and VPS. Utilized the BIRD internet routing daemon to handle internal BGP routing over that VPN connection....

10 January, 2022 · 10 min · Usman
alt

DN42 Part 1: Connecting to the DN42 BGP Mesh

What is DN42? DN42 is a big network, which employs WAN technologies (BGP, whois database, DNS, etc) to create an internet like mesh. Members connect to each other using VPN tunnels (GRE, OpenVPN, WireGuard, IPsec) and exchange routes via BGP. DN42 currently has 410 nodes/users, advertising ~600 prefixes. realtime map Why DN42? DN42 allows you to experiment with mentioned internet technologies, without the logistical difficulties and high expenses of registering with real AS registries, on the live internet....

22 November, 2021 · 7 min · Usman
alt

Wireguard VPN on a Ubiquiti EdgeRouter

What is Wireguard? WireGuard is an extremely simple yet fast and modern VPN that utilizes modern cryptography. It aims to be faster, simpler, leaner, and more useful than alternatives such as IPsec & OpenVPN. WireGuard’s codebase has only 4,000 lines of code, which is considerably less than OpenVPN’s, which has 600,000. WireGuard’s Performance WireGuard’s speed and elegance are the main reasons for its popularity, it is significantly faster than OpenVPN & IPsec - in terms of raw throughput, authentication speed and latency....

21 October, 2021 · 7 min · Usman