www/content/additional/maintlog/2019.md

---
title: "2019"
weight: -2019
---
Archive of changes made in 2019

#### 31st December 2019

The Christmas period has been a really busy period for burble.dn42, with integration
and transfer of services over to the new nodes. Primarily, this has meant moving services
from fr-rbx1 and sg-sin2 to fr-rbx2, fr-sbg1 and sg-sin1. As part of the rebuilding,
I've also taken the opportunity to re-create most of my ansible scripting, with the
intent that this will eventually be published.

Most services are now moved, with the main exception of DNS and the GRC, both of which
need more significant work. The website also now needs major updates to reflect the
changes I've made.

The following new nodes are also open for peering:

 - dn42-fr-rbx2
 - dn42-fr-sbg1
 - dn42-ch-zur1
 - dn42-sg-sin1
 - dn42-hk-hkg1

**Happy New Year**

### 24th December 2019

The last month has been spent redesigning my WAN and introducting a latency based metric for
connectivity between nodes. This is now mostly complete, but not without its own follow on
problems that need to be resolved.

Things still to do include:
 - Fixing the service delivery layer as a software upgrade breaks IPv6 connectivity
 - Adding documentation to the website on the new design
 - Opening new nodes for peering
 - Making the config public

Another new node will also be added, dn42-fr-rbx2 and dn42-fr-rbx1 will be retired.

**Merry Christmas DN42**

#### 29th November 2019

Black friday is here and new nodes are on the way.

* dn42-fr-sbg1
* dn42-ch-zur1
* dn42-sg-sin1
* dn42-hk-hkg1

#### 2nd November 2019

Retired dn42-us-lax2, dn42-us-chi2, dn42-ca-bhs1, dn42-tr-ist1 and dn42-no-osl1.  
Restructured the internal confederations.

#### 26th October 2019

New experimental node added hosted in the Oracle Cloud environment in Mumbai, India.

Users are welcome to peer and test the node, but should be aware there may be short notice changes
or interruptions to service.

#### 19th October 2019

After a few weeks of outage and putting up with influx using up a vast amount of resources, the monitoring
service has finally moved to a federated prometheus architecture. Hopefully this will have better
performance than the influx architecture used previously. At some point I'll update the monitoring page with
details of the new configuration.

#### 12th October 2019

The burble.dn42 wiki service is now part of the global anycast for wiki.dn42.

See the [services](/home/burble-dn42-services) page for more details.

#### 2nd October 2019

The recursive DNS service now supports clearnet queries

#### 15th September 2019

Stop supporting IPsec tunnels

#### 21st August 2019

Removed sg-sin3 and vn-han1

#### 13th August 2019

Added DN42 wiki service [editable via dn42](https://wiki.burble.dn42),
[readonly via clearnet](https://dn42.dev).

Issued new Certificate Authority root certificate with a longer expiry date.

#### 11th August 2019

Added a couple of Python 3 updates for [bird-lg](https://github.com/sesa-me/bird-lg) that fixes
broken BGP map functionality in the [looking glass](https://lg.burble.com/).

Influx ate all the memory (10gb!) on de-fra1, so is currently offline until it can be fixed.

#### 28th July 2019

Add dn42-us-mia2, which will replace dn42-us-mia1

#### 25th July 2019

Add pingable.burble.dn42

#### 21st July 2019

Decommissioning of dn42-ru-mos1 and dn42-us-sea1

#### 17th July 2019

DoH! The [DNS Service](/home/dns) now support DNS over HTTPS.

#### 22nd June 2019

Tidied up node information.

#### 14th June 2019

A new host IRC web service has been added, based on [thelounge](https://thelounge.chat/).

See the [services](/home/burble-dn42-services) page for more details.

#### 8th June 2019

The recursive DNS service now uses parallel queries across all five regional master nodes.  
This approach takes advantage of the burble.dn42 global scale to reduce latencies, 
improve resilience and prevent local connectivity problems from impacting the results. 
See the [DNS](/home/dns) page for more info.


#### 24th May 2019

Moved and extended the DN42 monitoring so that it is more independent and also clustered.

A writeup of the hosted grafana service and monitoring is available [here](/home/grafana-services).

#### 21st May 2019

dn42-uk-lon1 is back again after being out of action for the day.

The host server apparently threw a disk after being updated to cover the MDS vulnerability and the 
provider has spent the day recovering the node.


#### 20th May 2019

Some nodes may have outages over the next few days as providers deal with the recent MDS vulnerabilities.

Added new peers 

* [AS4242421588](https://explorer.burble.com/#/aut-num/AS4242421588) /
[TECH9](https://explorer.burble.com/#/mntner/TECH9-MNT) at dn42-us-lax2
* [AS4242421166](https://explorer.burble.com/#/aut-num/AS4242421166) /
[MTR](https://explorer.burble.com/#/mntner/MTR-MNT) at dn42-fr-rbx1 and dn42-de-fra1

#### 15th May 2019

Updated my fork of [bird-lg](https://github.com/sesa-me/bird-lg) by merging [Zhaofeng](https://github.com/zhaofengli/bird-lg)'s Python2 to Python3 bird-lg updates and fixing a few outstanding problems.

The updated code is now live on the burble.dn42 [looking glass](https://lg.burble.com).


#### 13th May 2019

Moved the looking glass to its own container, in anticipation of future website changes

dn42-us-mia1 is offline again.

#### 10th May 2019

dn42-us-chi2 was suspended by the provider on 8/5 due to 'NTP reflection attacks'.

This is a hazard of running a busy NTP server as part of the [NTP Pool](https://www.ntppool.org/en/);
providers can get twitchy when they see a large amount of NTP traffic, due to the well publicised
vulnerabilities in stock NTPd.

My network uses chronyd rather than NTPd and it is simply not vulnerable to abuse in the same way
as NTPd, I also regularly monitor and check the services. On the other hand, the server does see
a large amount of NTP traffic and it can sometimes be difficult demonstrating that I'm
specifically providing a service here and not under some kind of attack.

Apologies that the server was offline for a few days, but it should now finally be back again. 

For info, here is the bandwidth graph of dn42-us-chi2 as it was suspended:

![Bandwidth Graph](markarian-bandwidth-190510.png)

It's trivial to see that an amplification attack was not occuring, as the inbound and outbound
traffic are both equal. It's a shame some providers don't consider this before suspending services,
but, understandable that the economics of providing VPS services can prohibt this.

Added new peers:

* [AS4242422322](https://explorer.burble.com/#/aut-num/AS4242422322) /
[PLASMATRIX](https://explorer.burble.com/#/mntner/PLASMATRIX-MNT) at dn42-de-fra1

#### 5th May 2019

Added git service.  
See the [services](/home/burble-dn42-services) page for more details.`<

#### 1st May 2019

Seems traceroutes and some Europe Region, IPv4 related DNS lookups weren't working.  
Both are fixed now.

Added new peers:

* [AS76140](https://explorer.burble.com/#/aut-num/AS76140) /
[FEUERROT](https://explorer.burble.com/#/mntner/FEUERROT-MNT) at dn42-de-fra1

#### 30th April 2019

New node added and ready for peering

* dn42-ca-bhs2 (Beauharnois, Canada)

With the addition of several new nodes, the internal BGP confederations
have been re-orginised.  
This new organisation should provide better balance and allow for more local services.

* The North American region has been split in two, becoming Central & West Coast
and East Coast.
* lt-vil1 and at-vie1 have been moved to the East Europe region. 

Added new peers:

* [AS4242423581](https://explorer.burble.com/#/aut-num/AS4242423581) /
[CLOUDYSKIES](https://explorer.burble.com/#/mntner/CLOUDYSKIES-MNT) at dn42-us-lax2
* [AS4242420141](https://explorer.burble.com/#/aut-num/AS4242420141) /
[DEEPWATER](https://explorer.burble.com/#/mntner/DEEPWATER-MNT) at dn42-de-fra1
* [AS4242420246](https://explorer.burble.com/#/aut-num/AS4242420246) /
[XESXEN](https://explorer.burble.com/#/mntner/XESXEN-MNT) at dn42-fr-rbx1 and dn42-uk-lon1
* [AS4242422543](https://explorer.burble.com/#/aut-num/AS4242422543) /
[RESETTRAP](https://explorer.burble.com/#/mntner/RESETTRAP-MNT) at dn42-jp-tyo1

#### 19th April 2019

New nodes added and ready for peering.

* dn42-at-vie1 (Vienna, Austria)
* dn42-us-nyc1 (New York, United States)

#### 18th April 2019

Over the last week, and number of major changes have taken place to the burble.dn42 network.  
These include:

* Configuring [Jool](https://www.jool.mx) to provide IPv4 to IPv6 SIIT for the new 172.20.129.0/27 prefix  
The aim is for all internal services of the burble.dn42 network to be provided by IPv6, with
SIIT taking place at the network edge for external IPv4 users.
* Configuring Jool to provide a NAT64 service  
So that internal, IPv6 only, services can access external IPv4 networks
* Adding a new VXLAN to the WAN overlay  
The new VXLAN segregates DN42 traffic from the internal traffic and enables a separate DN42
routing domain. As a side effect, this change also fixes the problem where internal IP addresses were
being leaked and causing confusing traceroutes for DN42 users.

Over time, internal IPv4 services will be removed


#### 12th April 2019

New prefix 172.20.129.0/27 registered to provide space for more nodes
and additional services.

172.20.129.0/27 will be used as anycast addresses for services.
172.20.129.160/27 will be used for burble.dn42 nodes

Added new peers:

* [AS4242421063](https://explorer.burble.com/#/aut-num/AS4242421063) /
[ZIIS](https://explorer.burble.com/#/mntner/ZIIS-MNT) at dn42-uk-lon1
* [AS4242421475](https://explorer.burble.com/#/aut-num/AS4242421475) /
[SIRMYSTERION](https://explorer.burble.com/#/mntner/SIRMYSTERION-MNT) at dn42-us-chi2


#### 7th April 2019

Added an old node in to the DN42 network, dn42-sg-sin2.
RPKI and DNS services have been moved to the node from dn42-sg-sin2
which should improve diversification and stability.

#### 3rd April 2019

Added new peers:

* [AS4242423974](https://explorer.burble.com/#/aut-num/AS4242423974) /
[GIGGA](https://explorer.burble.com/#/mntner/GIGGA-MNT) at dn42-sg-sin3

#### 31st March 2019

The DNS service has gone global, with every node in the burble.dn42 network
now participating in the DNS Anycast service.  
More details can be found on the [DNS](/home/dns) page.


#### 26rd March 2019

Added new peers:

* [AS4242420568](https://explorer.burble.com/#/aut-num/AS4242420568) /
[MARSHY](https://explorer.burble.com/#/mntner/MARSHY-MNT) at dn42-au-syd1
* [AS4242423853](https://explorer.burble.com/#/aut-num/AS4242423853) /
[CHENYAO2333](https://explorer.burble.com/#/mntner/CHENYAO2333-MNT) at dn42-ca-bhs1
* [AS4242423328](https://explorer.burble.com/#/aut-num/AS4242423328) /
[DEBOERDN2000](https://explorer.burble.com/#/mntner/DEBOERDN2000-MNT) at dn42-ca-bhs1
* [AS4242423924](https://explorer.burble.com/#/aut-num/AS4242423924) /
[EVILZONE](https://explorer.burble.com/#/mntner/EVILZONE-MNT) at dn42-sg-sin3

#### 11th March 2019

New node added dn42-de-fra1

#### 9th March 2019

Added new peers:

* [AS4242420101](https://explorer.burble.com/#/aut-num/AS4242420101) /
[HEXA](https://explorer.burble.com/#/mntner/HEXA-MNT) at dn42-fr-rbx1
* [AS4242423783](https://explorer.burble.com/#/aut-num/AS4242423783) /
[OZARK](https://explorer.burble.com/#/mntner/OZARK-MNT) at dn42-au-syd1
* [AS4242420571](https://explorer.burble.com/#/aut-num/AS4242420571) /
[CAICAI](https://explorer.burble.com/#/mntner/CAICAI-MNT) at dn42-vn-han1

A new instance of the registry explorer has been created that references
the 'object-fix' branch of the DN42 registry. The main purpose of this
is to support the new [DNS](/home/dns) system being developed.

[http://grc.burble.dn42:8043/](http://grc.burble.dn42:8043/)

A couple of the nodes on the network experienced some downtime over the week:

* dn42-us-mia1 was down to 2 days and had to be rebuilt as my VPS provider's
storage array crashed.
* dn42-us-dal3 was also down for a few hours, the provider accidently
suspended the VPS due to a billing error on their side




#### 7th March 2019

Added new peers

* [AS4242421955](https://explorer.burble.com/#/aut-num/AS4242421955) /
[NOP](https://explorer.burble.com/#/mntner/NOP-MNT) at dn42-fr-rbx1
* [AS4242420161](https://explorer.burble.com/#/aut-num/AS4242420161) /
[ZZZ](https://explorer.burble.com/#/mntner/ZZZ-MNT) at dn42-jp-tyo1

#### 26th February 2019

Initialised [GRC website](https://grc.burble.com)

Added new peers

* [AS4242422626](https://explorer.burble.com/#/aut-num/AS4242422626) /
[HANNIBAL](https://explorer.burble.com/#/mntner/HANNIBAL-MNT) at dn42-fr-rbx1
* [AS4242423156](https://explorer.burble.com/#/aut-num/AS4242423156) /
[BUROA](https://explorer.burble.com/#/mntner/BUROA-MNT) at dn42-us-chi2

#### 21st February 2019

The [Looking Glass](https://lg.burble.com) has been udpated to use
[lgregmapper](https://git.dn42.us/burble/lgregmapper) and data from
[dn42regsrv](https://git.dn42.us/burble/dn42regsrv).

#### 19th February 2019

New peer added:

* [AS4242423975](https://explorer.burble.com/#/aut-num/AS4242423975) /
[FELIX](https://explorer.burble.com/#/mntner/FELIX-MNT) at dn42-fr-rbx1

#### 18th February 2019

The internal and public ROA service has been moved over to using dn42regsrv.  
See the [services](/home/burble-dn42-services) page for more details.

New peer added:

* [AS4242423973](https://explorer.burble.com/#/aut-num/AS4242423973) /
[TECHNOPOINT](https://explorer.burble.com/#/mntner/TECHNOPOINT-MNT) at dn42-sg-sin3

#### 16th February 2019

New peers added:

* [AS4242420182](https://explorer.burble.com/#/aut-num/AS4242420812) /
[JAN](https://explorer.burble.com/#/mntner/JAN-MNT) at dn42-uk-lon1
* [AS4242422042](https://explorer.burble.com/#/aut-num/AS4242422042) /
[KLEEN](https://explorer.burble.com/#/mntner/KLEEN-MNT) at dn42-fr-rbx1
* [AS4242423201](https://explorer.burble.com/#/aut-num/AS4242423201) /
[DDPO](https://explorer.burble.com/#/mntner/DDPO-MNT) at dn42-uk-lon1

#### 10th February 2019

Updated the [services](/home/burble-dn42-services) to include new stuff::

* DNS
* Registry REST API and Explorer
* Global Route Collector

New peers added:

* <a href="https://explorer.burble.com/#/aut-num/AS4242420191">AS4242420191</a>
/ <a href="https://explorer.burble.com/#/mntner/TCDUE-MNT">TCDUE</a>
at dn42-uk-lon1
* <a href="https://explorer.burble.com/#/aut-num/AS4242422019">AS4242422019</a>
/ <a href="https://explorer.burble.com/#/mntner/HENOKV-MNT">HENOKV</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS64713">AS64713</a>
/ <a href="https://explorer.burble.com/#/mntner/MARTIN89-MNT">MARTIN89</a>
at dn42-fr-rbx1
* <a href="https://explorer.burble.com/#/aut-num/AS4242423000">AS4242423000</a>
/ <a href="https://explorer.burble.com/#/mntner/RELROD-MNT">RELROD</a>
at dn42-ca-bhs1
* <a href="https://explorer.burble.com/#/aut-num/AS4242421656">AS4242421656</a>
/ <a href="https://explorer.burble.com/#/mntner/PHIIVO-MNT">PHIIVO</a>
at dn42-us-lax2

#### 26th January 2019

New service !

A burble.dn42 route [collector](https://collector.burble.com) has been added, together with
some interesting [stats](/monitoring/network-reach) showing reachability of DN42 from the burble.dn42 network.

A common, global route collector is in progress, see [here](https://git.dn42.us/burble/grc)

#### 21st January 2019

New peer added:

* AS4242423306 / TIMK at dn42-au-syd1

#### 13th January 2019

bgpmap updated to add MNT and prefix info for ASes.

New peers added:

* AS4242420415 / TYLER at dn42-us-lax2
* AS4242423569 / DHE at dn42-us-dal3
* AS4242423585 / JD52RU at dn42-fr-rbx1 and dn42-uk-lon1

#### 12th January 2019

The [Looking Glass](https://lg.burble.com/) now supports bgpmap again.  
My bird-lg fixes are available on [github](https://github.com/sesa-me/bird-lg).

New peer added:

* AS4242421501 / ADAMYI at dn42-au-syd1

#### 11th January 2019

Some layout fixes to the [Looking Glass](https://lg.burble.com/), including fixing whois lookups.

#### 3rd January 2019

First new peers of 2019:

* AS4242420505 / 42ISLIFE at dn42-ca-bhs1
* AS4242421114 / GRGR at dn42-us-chi2
* AS4242421050 / NAPSTERBATER at dn42-us-chi2

#### 2nd January 2019

Consolidated number of anycast sessions.