burble.dn42/www
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

updates 10/02/22
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details

Browse Source
This commit is contained in:
Simon Marsh 2022-02-10 15:18:11 +00:00
parent b607df28f8
commit edf1c4d771
Signed by: burble
GPG Key ID: 0FCCD13AE1CF7ED8
4 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
content/additional/things-to-do.md
View File

@ -118,3 +118,14 @@ Congratulations, you're connected to DN42 !
- Make something corporate - Make something corporate
- Replicate a multi-datacentre corporate/organisation design - Replicate a multi-datacentre corporate/organisation design
- Grab your next job based on your experience ;) - Grab your next job based on your experience ;)
- Make it all again
- There's more than one way to do it; rebuild your network using a different design
- How can you rebuild everything whilst minising the impact to everyone else ?
- What did you learn ? What works better now ? What is worse ?
- How can you do it again better next time ?
## Final words
What can you do in DN42 ?
- Do whatever is fun and interesting for you

2
content/network/design.md
View File

@ -58,7 +58,7 @@ VXLAN uses purely IPv6 link-local addressing, making use of BGP multiprotocol an
extended next hop capabilities for IPv4. extended next hop capabilities for IPv4.
The transit VXLAN and burble.dn42 services networks use an MTU of 4260, however the The transit VXLAN and burble.dn42 services networks use an MTU of 4260, however the
dn42 BGP configuration includes internal communities to distribute desintation MTU across dn42 BGP configuration includes internal communities to distribute destination MTU across
the network for per-route MTUs. This helps ensure path mtu discovery the network for per-route MTUs. This helps ensure path mtu discovery
takes place as early and efficiently as possible. takes place as early and efficiently as possible.

2
content/network/peering.md
View File

@ -42,6 +42,8 @@ To peer with burble.dn42, you must meet the following requirements:
is ever evolving and failure to respond to change notices may result in your is ever evolving and failure to respond to change notices may result in your
peering being suspended.* peering being suspended.*
* Latency to your node must be reasonable, typically this means a latency less than 40ms.
At a minimum, I'll need to know the following in order to establish a peering: At a minimum, I'll need to know the following in order to establish a peering:
* The burble.dn42 node you would like to peer with * The burble.dn42 node you would like to peer with

5
content/services/internal.md
View File

@ -37,13 +37,12 @@ and [ROA tables](/services/public#ROA Tables) when the
[Hashicorp Vault](https://www.vaultproject.io/) is used to handle secrets [Hashicorp Vault](https://www.vaultproject.io/) is used to handle secrets
across the burble.dn42 network.<br/> across the burble.dn42 network.<br/>
Vault is deployed as a 3 node cluster across the Europe core nodes Vault is deployed as a 3 node cluster across the Europe core nodes
and uses [Consul](https://www.consul.io) as the cluster back end. and uses the internal vault database as a back end.
### TLS Certificate Authority ### TLS Certificate Authority
Vault acts as the main [certificate authority](/services/ca/) for burble.dn42 Vault acts as the main [certificate authority](/services/ca/) for burble.dn42
PKI, however there is also an intermediate ACME server based on PKI.
[smallstep CA](https://smallstep.com/docs/step-ca).
Vault allows for regular, automated renewal of certificates on short timeframes Vault allows for regular, automated renewal of certificates on short timeframes
(typically a rolling week or monthly basis). (typically a rolling week or monthly basis).