initial notes on bgp and wg
@@ -0,0 +1,18 @@
# BGP/OSPF Peering
Each peer:
- creates a local network namespace `ohea` which we will use to configure routes and try to not muck up the local system.
- we setup wireguard tunnels between eachother and allow all traffic or traffic just in our chosen prefix.
- we don't use wg's auto routes since that will be handled by eBGP ("e" for external).
- each peer (or ASN) sets up [bird](https://bird.network.cz/) listening on port 179 (BGP) on our
WG prefix with a hard-coded IP address (does it need to be hard-coded?).
- we tell bird about our peer's ASNs and bird starts doing the whole BGP thing.
- we can use BGP if we want, or we can use something else like
[Open Shortest Path First](https://en.wikipedia.org/wiki/Open_Shortest_Path_First). Idk what the
trade-offs are.
To actually start peering, I like the PR approach: Someone writes PR that modifies a file under
`peers/username.peers` and then a bash script (rust-cli :D) modfies the system WG setup and reloads bird (if they want).
- Robby, we could even use the CI system you're developing with have someone listene to a webhook :D
We should look at what `dn42` does since it's essentially the same as what we're trying to do.
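
Review bot: The "To actually start peering" paragraph has a script rewrite the system WG setup and reload bird from `peers/username.peers`, but it does not say what triggers that (any opened PR, or only a merged one) or what the script checks in the file before applying it. Suggest stating that only reviewed and merged changes are applied, and that the script validates each entry in the peers file before it touches WG or bird, particularly if the webhook idea in the "Robby" bullet is used to apply changes automatically. Related, in the second bullet under "Each peer:", "allow all traffic or traffic just in our chosen prefix" leaves the tunnel policy open; since wg's auto routes are off and eBGP carries the routes, it would help to settle on the chosen-prefix option and add a line on which prefixes bird should accept from each peer ASN.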