CRXN / dn42 gateway documentation

CRXN mainly uses IGP protocols such as babel or ospf, while dn42 uses the EGP BGP. Since the protocols are based on different concepts, a direct connection is not possible.

Routes into dn42

If everyone who is a member of dn42 and CRXN would not filter the routes, this would result in announcing them in dn42 under their own AS number. However, according to the registry, you do not have permission to do this. Therefore the dummy ASN 4242423182 was registered in dn42. This is the origin of CRXN routes. So before exporting the routes to dn42, attach an AS path with AS4242423182 to it. So it looks from the outside that the CRXN routes come from AS4242423182. AS4242423182 has the permission to announce the CRXN routes.

Routes into the CRXN

CRXN uses IGP and therefore does not know the concept of AS numbers or originating systems. In CRXN it appears that everything comes from one system. Accordingly, you can export dn42 routes here without preparation.

Notes

• If possible, try to export only CRXN routes to the dn42, which are also in the entitydb.
• Only CRXN routes should be exported to dn42. When dn42 routes are exported from CRXN back to dn42, the BGP AS path attributes are lost. This would then make it look like all dn42 routes have their origin at the dummy AS, which is not correct. As a result, there would be many ROA fails and the dn42 network would become somewhat congested.

Example configuration in bird

To create the BGP path artificially you can use the command bgp_path.prepend. This appends an AS number to the BGP path.

define CRXNAS = 4242423182;

function dn42_export_filter() {
    /* some filter */

    if ( is_crxn_net() ) then {
        bgp_path.prepend(CRXNAS);
    }

    /* some filter */

    accept;
}

If you want to avoid so much traffic flowing through your gateway, you can repeat the command bgp_path.prepend(CRXNAS); once. By doing this, you intentionally make your gateway less attractive to others. (see Route Prepending)

if ( is_crxn_net() ) then {
    bgp_path.prepend(CRXNAS);
    bgp_path.prepend(CRXNAS);
}

Registering the gateway

Currently, a list of gateway operators is maintained in https://codeberg.org/crxn/dn42_gateways/. If you also want to operate a gateway, please submit a PR there.

View current gateways

In case someone is running a gateway without permission or in case you want to check if your gateway is working, you can ask the Global Route Collector (GRC) of dn42:

$ssh shell@collector.dn42
------------------------------------
*    DN42 Global Route Collector   *
------------------------------------
* https://collector.dn42/

This service provides a bird2 shell
for querying the route collector

Be nice, access is logged and
abuse will not be tolerated
------------------------------------
BIRD v2.0.9-11-g207ac485 ready.
Access restricted
bird> show route where bgp_path.last = 4242423182 all
Table master6:
fd14:57af:fe7a::/64  unreachable [DYN_00107 13:04:33.512 from fd89:35db:fc0::4] * (100) [AS4242423182i]
    Type: BGP univ
    BGP.origin: IGP
    BGP.as_path: 4242420604 4242422923 4242423182
    BGP.next_hop: fd89:35db:fc0::4
    BGP.local_pref: 100
    BGP.community: (64511,6) (64511,24) (64511,33)
    BGP.large_community: (65535, 70, 2) (210074, 0, 4242420591) (210074, 1, 1) (4242420604, 2, 13) (4242420604, 501, 4242423513) (4242420604, 502, 41) (4242420604, 504, 3)
                     unreachable [DYN_00037 2022-12-04 from fd89:35db:fc0::3] (100) [AS4242423182i]
    Type: BGP univ
    BGP.origin: IGP
    BGP.as_path: 4242421271 4242422225 210074 4242422924 4242423182 4242423182
    BGP.next_hop: fd89:35db:fc0::3
    BGP.local_pref: 100
    BGP.community: (64511,6) (64511,24) (64511,33)
    BGP.large_community: (65535, 70, 2) (210074, 0, 4242420591) (210074, 1, 1) (4242420604, 2, 13) (4242420604, 501, 4242423513) (4242420604, 502, 41) (4242420604, 504, 3)
                     unreachable [DYN_00139 00:37:09.086 from fd9e:5312:a3b3:100::11] (100) [AS4242423182i]
    Type: BGP univ
    BGP.origin: IGP
    BGP.as_path: 76190 4242420591 210074 4242422923 4242423182
    BGP.next_hop: fd9e:5312:a3b3:100::11
    BGP.local_pref: 100
    BGP.community: (64511,6) (64511,23) (64511,33)
    BGP.large_community: (65535, 70, 2) (210074, 0, 4242420591) (210074, 1, 1) (4242420604, 2, 13) (4242420604, 501, 4242423513) (4242420604, 502, 41) (4242420604, 504, 3)

(The data are only examples and not real)

fd14:57af:fe7a::/64

This is the prefix that is passed through the gateway.

BGP.as_path: 4242420604 4242422923 4242423182

This is the line which is interesting because you can see there who is currently running a gateway. At the very end is the dummy ASN 4242423182, preceded by either the dummy ASN or the operator’s ASN. You can then look up the ASN number in the dn42 registry and know who is running the gateway.

Alternatively, you can filter out the AS numbers directly using standard tools:

ssh shell@collector.dn42 show route where bgp_path.last = 4242423182 all 2>/dev/null | grep -P "^\tBGP.as_path: " | grep -Po "(\d{1,10}) 4242423182" | awk '{ split($0,ary," "); print ary[1] }' | sort | uniq