Routing Policy

BIRD is used as the routing daemon with ROA and dn42 subnet filtering enabled.
The following metrics are automatically examined in the described order to choose through which peer a prefix is routed:

Direct routes to prefixes belonging to peers are always chosen
The network with the lowest BGP path length
If the prefix BGP path length is the same accross multiple peers, the network with the lowest latency is chosen

BGP Communities

The following BGP Communities are supported:

All standard DN42 communities are applied as described in the wiki
A region community is added to each route denoting in which region it was learned

ROA Validation

Route Origin Authentication (ROA) is used to validate if the originating AS is allowed to advertise a prefix.

Invalid ROA is filtered
Unknown ROA is accepted

Frequently asked questions

Peering with Kioubit

There are a couple of things you can verify:

If you just recently registered with the registry, wait about a day until the ROA filtering is updated across all DN42 nodes
Ping the BGP-Endpoint address which can be found on the Dashboard to see if the OpenVPN/WireGuard connection is working
Check if the BGP Session is established
Check if your source address is set correctly. You can do this for example with the command: ip route get 172.20.14.33 and by looking at what "src" address is shown there. It should be an IP address that you are advertising via BGP
Make sure you have set the systctl rp_filter value to 0 (required)
Check the network troubleshooting tool which you can find on the services page

WireGuard will not attempt a handshake with the remote side if no traffic needs to be sent. For testing, try to ping the remote tunnel IP to generate some traffic and force the handshake process.

Yes, people have successfully peered with the Kioubit network using:

Mikrotik routers (confirmed with RouterOS v7 and higher)
Ubiquiti routers (confirmed with Ubiquiti EdgeRouter-X)
FRR bgp daemon software
BIRD bgp daemon software
OPNsense software in combination with FRR
Quagga bgp daemon software (not recommended)

Yes, peers from dynamic IP addresses are fully supported.

Check the traceroute and the troubleshooting tool which you can find on the services page. If you find that an address is not reachable, it does not mean that there is a problem with the Kioubit Network. Sometimes there might be routing issues elsewhere or the IP address may not be online.

Due to the nature of the DN42 network, which is built on top of the public internet using VPN technologies, high ping times are common. The Kioubit Network is constantly trying to optimize latency and maitains the lowest latency metrics across dn42.

Router setup

Find the tutorial here: Learn more

Find the registry here: Learn more

Information

Peering with Kioubit

I cannot access anything or only some destinations on DN42

The WireGuard interface does not connect or shows no handshakes

Is the Kioubit Network compatible with Mikrotik/Ubiquiti/FRR/Other?

Does the Kioubit Network support peerings from dynamic IP addresses?

How can I check whether the problem is on my side or not?

A particular destination on the DN42 Network has too high latency

Router setup

How do I setup BGP?

How do I setup WireGuard?

Where can I find the registry?