|
@ -0,0 +1,126 @@
|
||||||
|
# Servers
|
||||||
|
|
||||||
|
HINT: This is currently a work in progress by @mark22k
|
||||||
|
|
||||||
|
## Rekursiv
|
||||||
|
|
||||||
|
| DNS | IP address |
|
||||||
|
| --- | --- |
|
||||||
|
| recur1.bandura.crxn | fd92:58b6:2b2::5353 |
|
||||||
|
|
||||||
|
## Authoritiv
|
||||||
|
|
||||||
|
# Resolve CRXN domains only
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Very simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- No more access to Clearnet domains
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
You can enter a recursive CRXN server as your DNS server in the operating system.
|
||||||
|
|
||||||
|
The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`:
|
||||||
|
```
|
||||||
|
nameserver fd92:58b6:2b2::5353
|
||||||
|
```
|
||||||
|
|
||||||
|
# Run your own forwarder
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks.
|
||||||
|
|
||||||
|
There are several software you can use for this.
|
||||||
|
|
||||||
|
## Coredns
|
||||||
|
|
||||||
|
This guide is for Debian based systems.
|
||||||
|
First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`.
|
||||||
|
```
|
||||||
|
$tar xvf coredns_1.10.0_linux_amd64.tgz
|
||||||
|
$chmod +x coredns
|
||||||
|
$sudo cp coredns /usr/local/bin/
|
||||||
|
```
|
||||||
|
|
||||||
|
To start Coredns automatically you can create a Systemd unit:
|
||||||
|
```
|
||||||
|
$ editor /etc/systemd/system/coredns.service
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
[Unit]
|
||||||
|
Description=CoreDNS DNS server
|
||||||
|
Documentation=https://coredns.io/
|
||||||
|
After=network.target
|
||||||
|
After=alfis.service
|
||||||
|
After=meshnamed.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
PermissionsStartOnly=true
|
||||||
|
LimitNOFILE=1048576
|
||||||
|
LimitNPROC=512
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
NoNewPrivileges=true
|
||||||
|
User=coredns
|
||||||
|
ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile
|
||||||
|
ExecReload=/bin/kill -SIGUSR1 $MAINPID
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
```
|
||||||
|
|
||||||
|
After that reload systemd:
|
||||||
|
```
|
||||||
|
$sudo systemctl daemon-reload
|
||||||
|
```
|
||||||
|
|
||||||
|
To isolate Coredns, you create a new user:
|
||||||
|
```
|
||||||
|
$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns
|
||||||
|
```
|
||||||
|
|
||||||
|
After that you can create and edit the Coredns configuration file `Corefile`:
|
||||||
|
```
|
||||||
|
editor /etc/coredns/Corefile
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
crxn., d.f.ip6.arpa. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . fd92:58b6:2b2::5353
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Replace `fd92:58b6:2b2::5353` with your preferred recursive server.
|
||||||
|
With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/).
|
||||||
|
|
||||||
|
To resolve Clearnet domains, insert the following:
|
||||||
|
```
|
||||||
|
. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 {
|
||||||
|
tls_servername 1dot1dot1dot1.cloudflare-dns.com
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -5,4 +5,4 @@ CRXN _On-the-go_ are a collection of services run by a few people on CRXN that h
|
||||||
|
|
||||||
So far we have two people offering such services:
|
So far we have two people offering such services:
|
||||||
|
|
||||||
1. [Deavmi's OTG](deavmi.md)
|
1. [Deavmi's OTG](deavmi)
|
|
@ -1,19 +0,0 @@
|
||||||
CRXN DNS
|
|
||||||
========
|
|
||||||
|
|
||||||
![](dns/dns.png)
|
|
||||||
|
|
||||||
**CRXN DNS** offers users the ability to map their CRXN IP address to human-readable names to make life easier.
|
|
||||||
The way DNS is managed on CRXN is via the [RecordDB](http://codeberg.org/CRXN/zones/src/branch/master/all) whereby
|
|
||||||
you make a pull request to add your entries and it gets approved by one of the network administrators. The time for
|
|
||||||
the new records to reflect is dependent on which root nameserver your choose to use.
|
|
||||||
|
|
||||||
## Root nameservers
|
|
||||||
|
|
||||||
1. **Deavmi's root nameserver**:`fd08:8441:e254::4` (`dns1.crxn`)
|
|
||||||
1. This server updates records every 10 minutes
|
|
||||||
2. Provides clearnet name resolution as well
|
|
||||||
|
|
||||||
## Setting up your own root
|
|
||||||
|
|
||||||
A tutorial on how to do so is currently in the works.
|
|
BIN
docs/dns/dns.png
Before Width: | Height: | Size: 53 KiB |
|
@ -0,0 +1,124 @@
|
||||||
|
# Servers
|
||||||
|
|
||||||
|
## Rekursiv
|
||||||
|
|
||||||
|
| DNS | IP address |
|
||||||
|
| --- | --- |
|
||||||
|
| recur1.bandura.crxn | fd92:58b6:2b2::5353 |
|
||||||
|
|
||||||
|
## Authoritiv
|
||||||
|
|
||||||
|
# Resolve CRXN domains only
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Very simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- No more access to Clearnet domains
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
You can enter a recursive CRXN server as your DNS server in the operating system.
|
||||||
|
|
||||||
|
The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`:
|
||||||
|
```
|
||||||
|
nameserver fd92:58b6:2b2::5353
|
||||||
|
```
|
||||||
|
|
||||||
|
# Run your own forwarder
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks.
|
||||||
|
|
||||||
|
There are several software you can use for this.
|
||||||
|
|
||||||
|
## Coredns
|
||||||
|
|
||||||
|
This guide is for Debian based systems.
|
||||||
|
First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`.
|
||||||
|
```
|
||||||
|
$tar xvf coredns_1.10.0_linux_amd64.tgz
|
||||||
|
$chmod +x coredns
|
||||||
|
$sudo cp coredns /usr/local/bin/
|
||||||
|
```
|
||||||
|
|
||||||
|
To start Coredns automatically you can create a Systemd unit:
|
||||||
|
```
|
||||||
|
$ editor /etc/systemd/system/coredns.service
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
[Unit]
|
||||||
|
Description=CoreDNS DNS server
|
||||||
|
Documentation=https://coredns.io/
|
||||||
|
After=network.target
|
||||||
|
After=alfis.service
|
||||||
|
After=meshnamed.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
PermissionsStartOnly=true
|
||||||
|
LimitNOFILE=1048576
|
||||||
|
LimitNPROC=512
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
NoNewPrivileges=true
|
||||||
|
User=coredns
|
||||||
|
ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile
|
||||||
|
ExecReload=/bin/kill -SIGUSR1 $MAINPID
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
```
|
||||||
|
|
||||||
|
After that reload systemd:
|
||||||
|
```
|
||||||
|
$sudo systemctl daemon-reload
|
||||||
|
```
|
||||||
|
|
||||||
|
To isolate Coredns, you create a new user:
|
||||||
|
```
|
||||||
|
$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns
|
||||||
|
```
|
||||||
|
|
||||||
|
After that you can create and edit the Coredns configuration file `Corefile`:
|
||||||
|
```
|
||||||
|
editor /etc/coredns/Corefile
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
crxn., d.f.ip6.arpa. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . fd92:58b6:2b2::5353
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Replace `fd92:58b6:2b2::5353` with your preferred recursive server.
|
||||||
|
With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/).
|
||||||
|
|
||||||
|
To resolve Clearnet domains, insert the following:
|
||||||
|
```
|
||||||
|
. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 {
|
||||||
|
tls_servername 1dot1dot1dot1.cloudflare-dns.com
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,124 @@
|
||||||
|
# Servers
|
||||||
|
|
||||||
|
## Rekursiv
|
||||||
|
|
||||||
|
| DNS | IP address |
|
||||||
|
| --- | --- |
|
||||||
|
| recur1.bandura.crxn | fd92:58b6:2b2::5353 |
|
||||||
|
|
||||||
|
## Authoritiv
|
||||||
|
|
||||||
|
# Resolve CRXN domains only
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Very simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- No more access to Clearnet domains
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
You can enter a recursive CRXN server as your DNS server in the operating system.
|
||||||
|
|
||||||
|
The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`:
|
||||||
|
```
|
||||||
|
nameserver fd92:58b6:2b2::5353
|
||||||
|
```
|
||||||
|
|
||||||
|
# Run your own forwarder
|
||||||
|
|
||||||
|
Advantage:
|
||||||
|
- Simple configuration
|
||||||
|
|
||||||
|
Disadvantage:
|
||||||
|
- Dependence on one server
|
||||||
|
|
||||||
|
With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks.
|
||||||
|
|
||||||
|
There are several software you can use for this.
|
||||||
|
|
||||||
|
## Coredns
|
||||||
|
|
||||||
|
This guide is for Debian based systems.
|
||||||
|
First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`.
|
||||||
|
```
|
||||||
|
$tar xvf coredns_1.10.0_linux_amd64.tgz
|
||||||
|
$chmod +x coredns
|
||||||
|
$sudo cp coredns /usr/local/bin/
|
||||||
|
```
|
||||||
|
|
||||||
|
To start Coredns automatically you can create a Systemd unit:
|
||||||
|
```
|
||||||
|
$ editor /etc/systemd/system/coredns.service
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
[Unit]
|
||||||
|
Description=CoreDNS DNS server
|
||||||
|
Documentation=https://coredns.io/
|
||||||
|
After=network.target
|
||||||
|
After=alfis.service
|
||||||
|
After=meshnamed.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
PermissionsStartOnly=true
|
||||||
|
LimitNOFILE=1048576
|
||||||
|
LimitNPROC=512
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
NoNewPrivileges=true
|
||||||
|
User=coredns
|
||||||
|
ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile
|
||||||
|
ExecReload=/bin/kill -SIGUSR1 $MAINPID
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
```
|
||||||
|
|
||||||
|
After that reload systemd:
|
||||||
|
```
|
||||||
|
$sudo systemctl daemon-reload
|
||||||
|
```
|
||||||
|
|
||||||
|
To isolate Coredns, you create a new user:
|
||||||
|
```
|
||||||
|
$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns
|
||||||
|
```
|
||||||
|
|
||||||
|
After that you can create and edit the Coredns configuration file `Corefile`:
|
||||||
|
```
|
||||||
|
editor /etc/coredns/Corefile
|
||||||
|
```
|
||||||
|
|
||||||
|
Paste the following:
|
||||||
|
```
|
||||||
|
crxn., d.f.ip6.arpa. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . fd92:58b6:2b2::5353
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Replace `fd92:58b6:2b2::5353` with your preferred recursive server.
|
||||||
|
With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/).
|
||||||
|
|
||||||
|
To resolve Clearnet domains, insert the following:
|
||||||
|
```
|
||||||
|
. {
|
||||||
|
loop
|
||||||
|
bind 127.0.0.1 ::1
|
||||||
|
forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 {
|
||||||
|
tls_servername 1dot1dot1dot1.cloudflare-dns.com
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
Getting started
|
# Getting started
|
||||||
===============
|
|
||||||
|
|
||||||
Firstly we'd like to say that we're glad you'd like to join our network and
|
Firstly we'd like to say that we're glad you'd like to join our network and
|
||||||
greater community! This document will provide you with the directions you
|
greater community! This document will provide you with the directions you
|
||||||
|
@ -11,24 +10,23 @@ Below you can follow the steps one-by-one to get yourself familiar with our
|
||||||
practices and inner-workings and by the end you should have all the information
|
practices and inner-workings and by the end you should have all the information
|
||||||
and configuration details needed to get connected!
|
and configuration details needed to get connected!
|
||||||
|
|
||||||
1. [Rules](rules.md)
|
1. [Rules](rules)
|
||||||
* We have **few** but **strict** rules nonetheless
|
* We have **few** but **strict** rules nonetheless
|
||||||
* Zero-tolerance for breaking them
|
* Zero-tolerance for breaking them
|
||||||
2. [Requirements](requirements.md)
|
2. [Requirements](requirements)
|
||||||
3. Registration
|
3. [Registration](registration)
|
||||||
* [Adding your prefix to EntityDB](registration/entitydb.md)
|
|
||||||
4. Setting up routing
|
4. Setting up routing
|
||||||
1. [Forwarding](routing/bird/forwarding.md)
|
1. [Forwarding](routing/bird/forwarding)
|
||||||
2. [Setting up Bird](routing/bird/bird.md)
|
2. [Setting up Bird](routing/bird/bird)
|
||||||
5. Tunneling
|
5. Tunneling
|
||||||
* [Fastd tunneling](tunneling/fastd.md)
|
* [Fastd tunneling](tunneling/fastd)
|
||||||
6. Setting up your home network
|
6. Setting up your home network
|
||||||
* Configuring your hosts
|
* Configuring your hosts
|
||||||
1. Automatically with SLAAC and radv
|
1. Automatically with SLAAC and radv
|
||||||
1. [Setting up radv (router)](radv/index.md)
|
1. [Setting up radv (router)](radv/index)
|
||||||
2. [Setting up SLAAC (hosts)](slaac/slaac.md)
|
2. [Setting up SLAAC (hosts)](slaac/slaac)
|
||||||
* [CRXN DNS](dns/dns.md)
|
* [DNS](dns/home)
|
||||||
|
|
||||||
## What's next?
|
## What's next?
|
||||||
|
|
||||||
Once you're connected there are various things you can do on the network, take a look at [some of he things](services/) you can do.
|
Once you're connected there are various things you can do on the network, take a look at [some of the things](services/) you can do.
|
|
@ -1,5 +1,4 @@
|
||||||
Prefix allocation and registration
|
# Prefix allocation and registration
|
||||||
==================================
|
|
||||||
|
|
||||||
To simply forward IPv6 traffic on CRXN one only needs an IPv6 link-local address which is always guaranteed to be assigned (most of the time), however normally people join CRXN so that they can _also_ host services (and access others) on the inter-network. Therefore, one needs to allocate a prefix and register it to be able to make use of the network in such a manner.
|
To simply forward IPv6 traffic on CRXN one only needs an IPv6 link-local address which is always guaranteed to be assigned (most of the time), however normally people join CRXN so that they can _also_ host services (and access others) on the inter-network. Therefore, one needs to allocate a prefix and register it to be able to make use of the network in such a manner.
|
||||||
|
|
||||||
|
@ -15,4 +14,4 @@ You can generate your ULA you would like to use for CRXN using a tool such as [U
|
||||||
|
|
||||||
Once you have your prefix generated you then are required to register the prefix. This entails adding your prefix to a database known as _EntityDB_ which holds all such entries. This is done in order to ensure there are no clashes with addresses and also doubles as a source of truth in terms of what networks _should_ be available on CRXN along with some information about available services.
|
Once you have your prefix generated you then are required to register the prefix. This entails adding your prefix to a database known as _EntityDB_ which holds all such entries. This is done in order to ensure there are no clashes with addresses and also doubles as a source of truth in terms of what networks _should_ be available on CRXN along with some information about available services.
|
||||||
|
|
||||||
To register your prefix on EntityDB please visit the repository [here](https://codeberg.org/CRXN/entitydb), fork the repository, then follow the [`README.md`](https://codeberg.org/CRXN/entitydb/src/branch/master/README.md) on how to format your entry, create a pull request and wait for approval from a network administrator. Only then will you be allowed to continue with this tutorial.
|
To register your prefix on EntityDB please visit the repository [here](https://codeberg.org/CRXN/entitydb), fork the repository, then follow the [`README.md`](https://codeberg.org/CRXN/entitydb/src/branch/master/README.md) on how to format your entry, create a pull request and wait for approval from a network administrator. Only then will you be allowed to continue with this tutorial.
|
|
@ -31,4 +31,4 @@ We really don't want the scum of internet degeneracy on here (see first subpoint
|
||||||
|
|
||||||
You break the rules, you're going to get removed. We don't take shit here.
|
You break the rules, you're going to get removed. We don't take shit here.
|
||||||
|
|
||||||
**You will be reported to the authorities**
|
**You will be reported to the authorities**
|
|
@ -0,0 +1,3 @@
|
||||||
|
# DNS
|
||||||
|
|
||||||
|
TODO: Add documentation @mark22k
|
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
- [Setting up radv (router)](radv.html)
|
||||||
|
- [Setting up SLAAC (hosts)](slaac.html)
|
|
@ -9,36 +9,36 @@ Configuring your hosts for automatic IP network and address assignment, DNS and
|
||||||
|
|
||||||
For NetworkManager-based systems do the following. Open up `nm-connection-editor` and you should have a screen appear like this:
|
For NetworkManager-based systems do the following. Open up `nm-connection-editor` and you should have a screen appear like this:
|
||||||
|
|
||||||
![](nm-connection-editor.png)
|
![](../img/slaac/nm-connection-editor.png)
|
||||||
|
|
||||||
Then double click on the wifi or ethernet connection you have active of which connects you to the same LAN as your router and you should see a window like this popup:
|
Then double click on the wifi or ethernet connection you have active of which connects you to the same LAN as your router and you should see a window like this popup:
|
||||||
|
|
||||||
![](nm-connection-window.png)
|
![](../img/slaac/nm-connection-window.png)
|
||||||
|
|
||||||
Then go to the `IPv6` tab and you should see this:
|
Then go to the `IPv6` tab and you should see this:
|
||||||
|
|
||||||
![](ipv6-nm-connection.png)
|
![](../img/slaac/ipv6-nm-connection.png)
|
||||||
|
|
||||||
Now make sure that this part is set to `Automatic`:
|
Now make sure that this part is set to `Automatic`:
|
||||||
|
|
||||||
![](address_acquisition_automatic.png)
|
![](../img/slaac/address_acquisition_automatic.png)
|
||||||
|
|
||||||
And then for the bottom two parts you can choose whatever option you want in these dropdowns:
|
And then for the bottom two parts you can choose whatever option you want in these dropdowns:
|
||||||
|
|
||||||
![](whatever_you_want.png)
|
![](../img/slaac/whatever_you_want.png)
|
||||||
|
|
||||||
Once you have configured that, then hit save and close all those windows:
|
Once you have configured that, then hit save and close all those windows:
|
||||||
|
|
||||||
![](save_connection.png)
|
![](../img/slaac/save_connection.png)
|
||||||
|
|
||||||
What you want to do now is to open `nmtui` (in your terminal) and reactivate that connection, first go to _Activate a connection_:
|
What you want to do now is to open `nmtui` (in your terminal) and reactivate that connection, first go to _Activate a connection_:
|
||||||
|
|
||||||
![](nmtui_main_menu.png)
|
![](../img/slaac/nmtui_main_menu.png)
|
||||||
|
|
||||||
Now reactivate the connection. You can do this by deactivating it and activating it again (unplugging and replugging won't reactivate it - it doesn't reload the profile).
|
Now reactivate the connection. You can do this by deactivating it and activating it again (unplugging and replugging won't reactivate it - it doesn't reload the profile).
|
||||||
|
|
||||||
![](connection_reactivate.png)
|
![](../img/slaac/connection_reactivate.png)
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
And that is it, now you should be connected to CRXN on your laptop via your router.
|
And that is it, now you should be connected to CRXN on your laptop via your router.
|
Before Width: | Height: | Size: 14 KiB After Width: | Height: | Size: 14 KiB |
Before Width: | Height: | Size: 38 KiB After Width: | Height: | Size: 38 KiB |
Before Width: | Height: | Size: 31 KiB After Width: | Height: | Size: 31 KiB |
Before Width: | Height: | Size: 12 KiB After Width: | Height: | Size: 12 KiB |
Before Width: | Height: | Size: 221 KiB After Width: | Height: | Size: 221 KiB |
Before Width: | Height: | Size: 49 KiB After Width: | Height: | Size: 49 KiB |
Before Width: | Height: | Size: 48 KiB After Width: | Height: | Size: 48 KiB |
Before Width: | Height: | Size: 8.5 KiB After Width: | Height: | Size: 8.5 KiB |
Before Width: | Height: | Size: 27 KiB After Width: | Height: | Size: 27 KiB |
Before Width: | Height: | Size: 44 KiB After Width: | Height: | Size: 44 KiB |
Before Width: | Height: | Size: 48 KiB After Width: | Height: | Size: 48 KiB |
Before Width: | Height: | Size: 38 KiB After Width: | Height: | Size: 38 KiB |
Before Width: | Height: | Size: 21 KiB After Width: | Height: | Size: 21 KiB |
Before Width: | Height: | Size: 8.0 KiB After Width: | Height: | Size: 8.0 KiB |
Before Width: | Height: | Size: 16 KiB After Width: | Height: | Size: 16 KiB |
|
@ -1,16 +1,7 @@
|
||||||
<center>
|
|
||||||
<img src="logo.png" width="300">
|
|
||||||
</center>
|
|
||||||
|
|
||||||
<br>
|
# What is it?
|
||||||
|
|
||||||
<center>
|
<img src="./img/map.png" class="pic_right">
|
||||||
<h1>CRXN</h1>
|
|
||||||
</center>
|
|
||||||
|
|
||||||
## What is it?
|
|
||||||
|
|
||||||
<img src="map.png" width=30% height=30% style="float:right;gap;margin-left:20px">
|
|
||||||
|
|
||||||
CRXN stands for **C**ommunity **R**un e**X**pansive **N**etwork. It's a computer network _run by the community for the community_.
|
CRXN stands for **C**ommunity **R**un e**X**pansive **N**etwork. It's a computer network _run by the community for the community_.
|
||||||
We provide an IPv6 (that's the freshest Internet Protocol out there to date) and on CRXN anything that can speak IPv6
|
We provide an IPv6 (that's the freshest Internet Protocol out there to date) and on CRXN anything that can speak IPv6
|
||||||
|
@ -19,6 +10,8 @@ on the "end-to-end" principal of IP - that is to say that if you want to run som
|
||||||
you won't have to worry about NAT-traversal, port forwarding, lack of raw IP support and all the other non-sense that IPv4
|
you won't have to worry about NAT-traversal, port forwarding, lack of raw IP support and all the other non-sense that IPv4
|
||||||
created (due to lack of addresses).
|
created (due to lack of addresses).
|
||||||
|
|
||||||
|
<img src="./img/logo.png" class="crxn_logo pic_left">
|
||||||
|
|
||||||
Compared to the clearnet (normal Internet) there isn't much fuss involved around getting
|
Compared to the clearnet (normal Internet) there isn't much fuss involved around getting
|
||||||
a network ID assigned to you and so forth, we truly are for the community and all our members take some of their own time
|
a network ID assigned to you and so forth, we truly are for the community and all our members take some of their own time
|
||||||
to work on their network and the greater CRXN inter-network as a whole.
|
to work on their network and the greater CRXN inter-network as a whole.
|
||||||
|
@ -110,4 +103,4 @@ Some important links to remember.
|
||||||
|
|
||||||
* The CRXN homepage is: [http://deavmi.assigned.network/projects/crxn](http://deavmi.assigned.network/projects/crxn)
|
* The CRXN homepage is: [http://deavmi.assigned.network/projects/crxn](http://deavmi.assigned.network/projects/crxn)
|
||||||
* The **EntityDB** repository is: [https://codeberg.org/CRXN/entitydb](https://codeberg.org/CRXN/entitydb)
|
* The **EntityDB** repository is: [https://codeberg.org/CRXN/entitydb](https://codeberg.org/CRXN/entitydb)
|
||||||
* This documentation is at: [https://github.com/Community-Run-eXperimental-Network/docs](https://github.com/Community-Run-eXperimental-Network/docs)
|
* This documentation is at: [https://github.com/Community-Run-eXperimental-Network/docs](https://github.com/Community-Run-eXperimental-Network/docs)
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
Network configuration
|
|
||||||
=====================
|
|
||||||
|
|
||||||
Before we start configuring tunnels and routing we first need to make sure the network of the machine you wish to configure as a CRXN router is configured correctly.
|
|
||||||
|
|
||||||
## Assigning addresses and a subnet
|
|
||||||
|
|
||||||
TODO: Add subnet assignment
|
|
||||||
|
|
||||||
## Enabling forwarding
|
|
||||||
|
|
||||||
We will be setting up the machine that runs bird as a router so therefore
|
|
||||||
we need to make your Linux kernel's network stack not drop IPv6 packets
|
|
||||||
that it receives (addressed to it via Ethernet) but are not addressed to
|
|
||||||
it via IPv6 address - in other words it must try do something with these packets,
|
|
||||||
namely attempt to forward them one hop closer to their initial destination.
|
|
||||||
|
|
||||||
Enabling forwarding on all interfaces can be achieved as follows (you will need
|
|
||||||
to be root):
|
|
||||||
|
|
||||||
```bash
|
|
||||||
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
|
|
||||||
```
|
|
||||||
|
|
||||||
However, after reboot it won't be saved and will go back to its defaults. Therefore
|
|
||||||
what you need to do is to enable forwarding on boot-up, this can be done by
|
|
||||||
adding an additional line to your `/etc/sysctl.conf` (which holds a bunch of
|
|
||||||
these statements), it should look like this:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
net.ipv6.conf.all.forwarding=1
|
|
||||||
```
|
|
||||||
|
|
||||||
TODO: Weird experience with me, only doing `all` made it work
|
|
||||||
|
|
||||||
TODO: Forwarding settings should be placed here
|
|
|
@ -1,11 +1,10 @@
|
||||||
People
|
# People
|
||||||
======
|
|
||||||
|
|
||||||
Get to know some familiar faces!
|
Get to know some familiar faces!
|
||||||
|
|
||||||
# Current administration
|
## Current administration
|
||||||
|
|
||||||
## Tristan B. Kildaire `~deavmi`
|
### Tristan B. Kildaire `~deavmi`
|
||||||
|
|
||||||
<!-- <img src="http://deavmi.assigned.network/profile_pic.jpg"> -->
|
<!-- <img src="http://deavmi.assigned.network/profile_pic.jpg"> -->
|
||||||
|
|
||||||
|
@ -19,14 +18,14 @@ E-mail: `deavmi@redxen.eu`
|
||||||
BNET IRC: `deavmi` (preferred)
|
BNET IRC: `deavmi` (preferred)
|
||||||
Matrix: `deavmi@envs.net`
|
Matrix: `deavmi@envs.net`
|
||||||
|
|
||||||
## Christian Rühringer
|
### Christian Rühringer
|
||||||
|
|
||||||
Amazing German dude.
|
Amazing German dude.
|
||||||
|
|
||||||
Roles: Network services, Routing
|
Roles: Network services, Routing
|
||||||
BNET IRC: `chris2001`
|
BNET IRC: `chris2001`
|
||||||
|
|
||||||
## Ty3r0X `~ty3r0x`
|
### Ty3r0X `~ty3r0x`
|
||||||
|
|
||||||
> Follow The Eye!
|
> Follow The Eye!
|
||||||
|
|
||||||
|
@ -37,7 +36,7 @@ Roles: Network services, Routing, CRXNxDN42 inter-connect maintenance
|
||||||
E-mail: `ty3r0x@chaox.ro`
|
E-mail: `ty3r0x@chaox.ro`
|
||||||
BNET IRC: `ty3r0x`
|
BNET IRC: `ty3r0x`
|
||||||
|
|
||||||
## Marek Küthe `~mark22k`
|
### Marek Küthe `~mark22k`
|
||||||
|
|
||||||
> The hero of CRXN
|
> The hero of CRXN
|
||||||
|
|
||||||
|
@ -50,9 +49,9 @@ Hackint IRC: `mark22k`
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
# Previous administration
|
## Previous administration
|
||||||
|
|
||||||
## Rany `~rany`
|
### Rany `~rany`
|
||||||
|
|
||||||
<!-- <img src="people/rany.png"> -->
|
<!-- <img src="people/rany.png"> -->
|
||||||
|
|
||||||
|
@ -64,7 +63,7 @@ E-mail: `ranycrxn@riseup.net`
|
||||||
BNET IRC: `rany`
|
BNET IRC: `rany`
|
||||||
Matrix: `@rany:fairydust.space`
|
Matrix: `@rany:fairydust.space`
|
||||||
|
|
||||||
## Alex Denes `~caskd`
|
### Alex Denes `~caskd`
|
||||||
|
|
||||||
<!-- <img src="people/caskd.png"> -->
|
<!-- <img src="people/caskd.png"> -->
|
||||||
|
|
||||||
|
@ -73,4 +72,4 @@ European CRXN adminstration, runs the CRXN DNS root name server.
|
||||||
Roles: Network services, CRXN DNS
|
Roles: Network services, CRXN DNS
|
||||||
|
|
||||||
E-mail: `caskd@redxen.eu`
|
E-mail: `caskd@redxen.eu`
|
||||||
BNET IRC: `caskd`
|
BNET IRC: `caskd`
|
|
@ -1,7 +1,4 @@
|
||||||
IPv6 forwarding
|
# IPv6 forwarding
|
||||||
===============
|
|
||||||
|
|
||||||
TODO: Move this to another page
|
|
||||||
|
|
||||||
## Enabling forwarding
|
## Enabling forwarding
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
Fastd tunneling
|
# Fastd tunneling
|
||||||
===============
|
|
||||||
|
|
||||||
This document will help you get peered over a layer-2 VPN using `fastd`.
|
This document will help you get peered over a layer-2 VPN using `fastd`.
|
||||||
|
|
||||||
|
@ -28,23 +27,26 @@ Create a file with the template and instructions below in `/etc/fastd/crxn/fastd
|
||||||
|
|
||||||
```
|
```
|
||||||
# The interface that will connect to the virtual ethernet network fastd connects us to
|
# The interface that will connect to the virtual ethernet network fastd connects us to
|
||||||
interface "crxn%n";
|
|
||||||
mode multitap;
|
mode multitap;
|
||||||
|
|
||||||
# The encryption method (don't change this unless you need to)
|
# The encryption method (don't change this unless you need to)
|
||||||
method "salsa2012+umac";
|
method "salsa2012+umac";
|
||||||
|
|
||||||
# Bind to and listen for incoming connections on this address and port
|
# Bind to and listen for incoming connections on this address and port
|
||||||
bind <ip>:<port>;
|
bind [::]:<port>;
|
||||||
|
|
||||||
# Secret key (you generate this)
|
# Secret key (you generate this)
|
||||||
secret "<secret key>";
|
secret "<secret key>";
|
||||||
|
|
||||||
|
# Do not forward traffic for others
|
||||||
|
forward no;
|
||||||
|
|
||||||
# Setup a peer to allow incoming connections from or initiate a connection too
|
# Setup a peer to allow incoming connections from or initiate a connection too
|
||||||
peer "<peerName>"
|
peer "<peerName>"
|
||||||
{
|
{
|
||||||
remote <type> "<ip>" port <port>;
|
remote <type> "<ip>" port <port>;
|
||||||
key "<peer's public key>";
|
key "<peer's public key>";
|
||||||
|
interface "<interface>";
|
||||||
}
|
}
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -52,14 +54,14 @@ peer "<peerName>"
|
||||||
If your system uses ifconfig append
|
If your system uses ifconfig append
|
||||||
```
|
```
|
||||||
# On interface rise run
|
# On interface rise run
|
||||||
on up "ifconfig $INTERFACE up";
|
on up "ifconfig <interface> up";
|
||||||
on down "ifconfig $INTERFACE down";
|
on down "ifconfig <interface> down";
|
||||||
```
|
```
|
||||||
|
|
||||||
If your system uses ip append
|
If your system uses ip append
|
||||||
```
|
```
|
||||||
on up "ip link set dev $INTERFACE up";
|
on up "ip link set dev <interface> up";
|
||||||
on down "ip link set dev $INTERFACE down";
|
on down "ip link set dev <interface> down";
|
||||||
```
|
```
|
||||||
|
|
||||||
The template needs to have the following filled in:
|
The template needs to have the following filled in:
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
- [fastd](fastd)
|
||||||
|
- [WireGuard](wireguard)
|
|
@ -0,0 +1,3 @@
|
||||||
|
# WireGuard
|
||||||
|
|
||||||
|
TODO: Add documentation
|