dn42
dn42[a] is a decentralized peer-to-peer network built using VPNs and software/hardware BGP routers.[1][2][3][4]
While other darknets try to establish anonymity for their participants, that is not what dn42 aims for. It is a network to explore routing technologies used in the Internet and tries to establish direct non-NAT-ed connections between the members.
The network is not fully meshed. dn42 uses mostly tunnels instead of physical links between the individual networks. Each participant is connected to one or more other participants.[5][6] Over the VPN or the physical links, BGP is used for inter AS routing. While OSPF is the most commonly used protocol for intra AS routing, each participant is free to choose any other IGP, like Babel, inside their AS.[7]
History
The DN42 project grew out of the popular PeerIX project started by HardForum members in mid-2009. The PeerIX project, while small in initial numbers grew to over 50 active members with a backlog of 100 requests to join the network. Ultimately the project was unable to meet the demand of user scale and eventually deprecated (though many of the core member team still have their networks online.)[8]
The founding members of the DN42 project tried to unsuccessfully rekindle the PeerIX project(through the private google group) and instead formed their own IPv6 only network, successfully scaling it to the size it is today.
Technical setup
Address space
Network
For IPv6,
AS numbers
In order to use
BGP routers
While some participants use hardware routers, most participants use general purpose
DN42 TLD
Websites and services hosted on the Dn42 network often use the top-level domain dn42. This is not an official IANA top-level domain, and it is handled through the dn42 registry. Internal anycast servers for dn42 are found at 172.20.0.53, 172.23.0.53, and fd42:d42:d42:54::1, fd42:d42:d42:53::1.
Registry
To ensure uniform administration of IP addresses and domains, there is also a registry in dn42, as in Clearnet. This is based on Git[17] in dn42 and therefore also offers the option of storing these in a decentralized manner. Furthermore, all changes can be clearly traced back to an author. To make a change in the dn42 (e.g. a registration[18]), a pull request is created with the corresponding change. One of the registry maintainers then looks at this, validates it (including syntactically) and also verifies it (checking the authorization and signature). A participant must be authorized to make a change. This is verified by a signature using a GPG or SSH key.[19]
Interconnections
The dn42 maintains a number of links to similar projects:[20]
Name | v4 | v6 | TLD |
---|---|---|---|
NeoNetwork | X | X | .neo |
Freifunk IC-VPN | X | X | Various |
ChaosVPN | X | X | .hack |
CRXN[21] | X | .crxn |
Certificate Authority
The dn42 has its own (unofficial) Certificate Authority (CA).[22] This can be used to issue TLS certificates, for example for HTTPS. Ownership can be verified with ACME, as with Let's Encrypt.
In addition, the NeoNetwork also operates its own CA for the .neo TLD and the associated network area.[23] The ChaosVPN, IC-VPN and the CRXN do not have a CA. In order to prevent the CA from issuing certificates for Clearnet addresses, name constraints[24] are used which limit the name validity range of the CA. This means that the CA cannot be used for Clearnet addresses.
Services
The following is a selection of services in the dn42:
Service | v4 | v6 | DNS |
---|---|---|---|
Basic "What is my IP service"-Service | 172.20.0.81 | fd42:d42:d42:81::1 | http://myip.dn42/ |
dn42 wiki | 172.23.0.80 | fd42:d42:d42:80::1 | https://wiki.dn42/ / https://internal.dn42/ |
Internal dn42 IRC | irc.dn42 | ||
Global Route Collector | 172.20.129.4 | fd42:4242:2601:ac12::1 | 172.20.129.4 |
Notes
- ^ Abbreviation of Decentralized network 42
References
- ^ "Home". dn42.dev. Retrieved 2024-01-06.
- ^ Tian, Lan. "DN42 Experimental Network: Intro and Registration (Updated 2022-12)". Lan Tian @ Blog. Retrieved 2024-01-06.
- ^ "Prelude: Connecting to the DN42 Overlay Network". www.jamieweb.net. Retrieved 2024-01-06.
- ^ Usman (2021-11-22). "DN42 Part 1: Connecting to the DN42 BGP Mesh". Usman. Retrieved 2024-01-06.
- ^ "DN42 Network Map". nixnode. Retrieved 19 April 2021.
- ^ "DN42 Network Infos (with map)". Strategic Explorations. Retrieved 19 April 2021.
- ^ "Multiple servers on dn42: iBGP and IGPs | jlu5". jlu5.com. Retrieved 2024-01-06.
- ^ "PeerIX - Official thread". [H]ard|Forum. Retrieved 2022-10-10.
- ^ a b "dn42 address space". Retrieved 19 April 2021.
- ^ "ChaosVPN IP ranges". Retrieved 19 April 2021.
- ^ "ICVPN IP ranges". GitHub. Retrieved 19 April 2021.
- ^ a b "NeoNetwork Github Repo". GitHub. Archived from the original on 2020-11-22.
- ^ "Prefix allocation and registration - CRXN". CRXN project homepage. Archived from the original on 2023-09-24. Retrieved 2024-01-06.
- ^ "Frequently Asked Questions". Retrieved 19 April 2021.
- ^ "AS numbers". Retrieved 19 April 2021.
- ^ "What BGP daemon should I use?". Retrieved 22 April 2018.
- ^ "FAQ". dn42.dev. Retrieved 2024-01-06.
- ^ "Getting-Started". dn42.dev. Retrieved 2024-01-06.
- ^ "Registry-Authentication". dn42.dev. Retrieved 2024-01-06.
- ^ "Interconnections". dn42.dev. Retrieved 2024-01-06.
- ^ Velloza Kildaire, Tristan B. (2023-01-31). "Announcing the CRXNxDN42 inter-connect!". Announcing the CRXNxDN42 inter-connect!. Archived from the original on 2023-09-24. Retrieved 2024-01-06.
- ^ "Certificate-Authority". dn42.dev. Retrieved 2024-01-06.
- ^ "NeoNetwork/ca/neonetwork.crt at master · NeoCloud/NeoNetwork". GitHub. Retrieved 2024-01-06.
- ^ "Certificate-Authority". dn42.dev. Retrieved 2024-01-06.