wiki.ohea.xyz/wiki
11
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

small typos

Browse Source
This commit is contained in:
Fisher Darling
2022-11-03 22:51:56 +01:00
parent 8a3037f2f8
commit f72aa78f86
1 changed files with 9 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
projects/alamesh/alanet_conf_reqs.md
+7 -8
View File
@@ -2,7 +2,7 @@
[[_TOC_]] [[_TOC_]]
Before we start peering there are some questions we need to answer and a way to store global configuration. Before we start peering there are some questions we need to answer and we need a way to store global configuration.
# Network Questions # Network Questions
@@ -24,15 +24,12 @@ for the future mesh network :). It'd be nice to not share space with `dn42` in c
* Another option is to do `02XX:XX:X0::/32` where `X` is your ASN number suffix. That's kinda fun but then we don't get nice, * Another option is to do `02XX:XX:X0::/32` where `X` is your ASN number suffix. That's kinda fun but then we don't get nice,
short addresses. short addresses.
Think about it what you want to do! Remember, it's _our_ internet. Think about it what you want to do! Everyone has a say!
The rest of the document discusses our configuration requirements. The rest of the document discusses our configuration requirements.
# What Config Information Do We Need? # What Config Information Do We Need?
As discovered in [[setting_up_bird]], there's a lot that can go wrong when setting up peering and bird configuration.
We want to automate that process and make it **a single command** to peer with a new person.
We need global information about the router and information per-peer. We need global information about the router and information per-peer.
## Router Config ## Router Config
@@ -85,10 +82,10 @@ We need the:
The port is only different per-peer since we give each peer a separate interface. This makes things much easier from a The port is only different per-peer since we give each peer a separate interface. This makes things much easier from a
management and security perspective at the cost of making the port unknown. management and security perspective at the cost of making the port unknown.
> We can setup auto-peering
# What Are Our Automation Goals? # What Are Our Automation Goals?
Maybe not necessary for the near-future, but these goals should guide our implementation.
* Only a single command to refresh or add a peer with a simple configuration format. * Only a single command to refresh or add a peer with a simple configuration format.
* Simple way to add public router information (asn, internal ip, subnet). * Simple way to add public router information (asn, internal ip, subnet).
* Only exchange per-peer information _once_. I give you an endpoint and key, you give me an endpoint and key, done. * Only exchange per-peer information _once_. I give you an endpoint and key, you give me an endpoint and key, done.
@@ -115,6 +112,8 @@ on the super cheap VPS I'm using. Maybe there's another way.
## Automatic Peering ## Automatic Peering
Not really a way to implement the above, but interesting nonetheless.
This would be incredibly useful. There's some dn42 peers that provide a UI or custom wg server that's 100% self serve. This would be incredibly useful. There's some dn42 peers that provide a UI or custom wg server that's 100% self serve.
The custom wg server is interesting since your connection port is the last 5 digits of your ASN which is really nice and The custom wg server is interesting since your connection port is the last 5 digits of your ASN which is really nice and
makes it very easy to peer with someone else. This makes me feel like peering should not be public and we might want to makes it very easy to peer with someone else. This makes me feel like peering should not be public and we might want to
@@ -130,4 +129,4 @@ See [Identity Management for WireGuard](https://lwn.net/Articles/910766/).
# Conclusion # Conclusion
We need to answer the questions at the very beginning and figure out how to store ASN information. We could honestly We need to answer the questions at the very beginning and figure out how to store ASN information. We could honestly
just answer the initial quesitions and just peer manually / not try to make anything fancy. Or we make it fancy :) just answer the initial quesitions and just peer manually and not try to make anything fancy. Or we make it fancy :)