186526
/
net186-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(irr-filter): allow RADB
continuous-integration/drone/push Build is passing Details

This commit is contained in:
186526 2024-12-17 00:12:00 +08:00
parent 3f59afd16c
commit c0d6d7cdf3
No known key found for this signature in database
GPG Key ID: 2ED6600900186526
3 changed files with 9 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.drone.yml
View File

@ -40,8 +40,8 @@ steps:
image: debian:latest
commands:
- apt-get update -y && apt-get install bgpq4 git -y
- echo "define $(bgpq4 -tbl DOWNSTREAM_ASN AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC -L 6)" > util/irr-filter.conf
- echo "define $(bgpq4 -6bl DOWNSTREAM_PREFIXES AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RPKI -A -R48)" >> util/irr-filter.conf
- echo "define $(bgpq4 -tbl DOWNSTREAM_ASN AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RADB -L 6)" > util/irr-filter.conf
- echo "define $(bgpq4 -6bl DOWNSTREAM_PREFIXES AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RPKI,RADB -A -R48)" >> util/irr-filter.conf
- echo "net.186526.xyz" >> CNAME
- git rm -f ansible
- name: push to repo

13
readme.md
View File

@ -34,11 +34,11 @@ For your convenience, here are more info about peering.
186526 Network has implemented serveral policies to improve security, including:
1. IRR Filter - Our system will automatically retrieve ASN & IP list from IRRDB (RIPE,ARIN,APNIC,AFRINIC,LACNIC) using bgpq4. [^1]
1. IRR Filter - Our system will automatically retrieve ASN & IP list from IRRDB (RIPE,ARIN,APNIC,AFRINIC,LACNIC,RADB) using bgpq4. [^1]
2. RPKI Filter - Our system will validate RPKI information from Cloudflare. We will drop invalid prefix.
[^1]: Due to security and trust issues, we do not support AS-SET from RADB/ALTDB or other IRRDBs.
[^1]: Due to security and trust issues, we do not support AS-SET from ALTDB or other IRRDBs.
### Transit
@ -51,15 +51,12 @@ To get in touch with me, please send mail to the following mailboxes.
- Abuse: `abuse@186526.xyz`
- NOC: `noc@186526.xyz`
<!-- ## AS112 Project
## AS112 Project
We operate an AS112 server in Seattle, WA, which is IPv6 only.
We operate an AS112 server globalwide, which is IPv6 only.
It uses CoreDNS as DNS server software.
Unicast IPv6: `2a06:a005:2924::112`
The server is provided Transit by AS200536 and establish BGP Session with Route Server of MoeIX SEA.
If you want to peering with this server, please contact `noc@186526.xyz`. -->
If you want to peering with this server, please contact `noc@186526.xyz`.
## About Sunoaki Network LLC

4
util/irr-filter.conf
View File

@ -1,8 +1,8 @@
# Example:
# define DOWNSTREAM_ASN = [ 200536 ];
# use bgpq4 generate this file:
# echo "define $(bgpq4 -tbl DOWNSTREAM_ASN AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC -L 6)" > util/irr-filter.conf
# echo "define $(bgpq4 -6bl DOWNSTREAM_PREFIXES AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RPKI -A -R48)" >> util/irr-filter.conf
# echo "define $(bgpq4 -tbl DOWNSTREAM_ASN AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RADB -L 6)" > util/irr-filter.conf
# echo "define $(bgpq4 -6bl DOWNSTREAM_PREFIXES AS-NET186 -S RIPE,ARIN,APNIC,AFRINIC,LACNIC,RPKI,RADB -A -R48)" >> util/irr-filter.conf
define DOWNSTREAM_ASN = [ 200536 ];