Changes in 065e248: Updated Whois (markdown)

services/Whois.md

...	...	@@ -5,6 +5,8 @@
5	5	* Subnet assignations
6	6	* DNS root zone for `dn42.`
7	7
	8	+The registry is a git repository, hosted here: [https://git.dn42.us/dn42/registry](https://git.dn42.us/dn42/registry), Changes to the registry are managed by submitting pull requests to the repository, these are then reviewed by the registry maintainers before acceptance.
	9	+
8	10	# Names and numbers
9	11
10	12	dn42 uses some names and numbers, which are declared in the registry. Whenever possible, we try to stick to names and numbers that do not conflict with the ICANN-net or other networks similar to dn42, for instance by using private numbers space.
...	...	@@ -13,7 +15,9 @@ dn42 uses some names and numbers, which are declared in the registry. Whenever
13	15
14	16	dn42 uses 172.20.0.0/14 for IPv4.
15	17
16		-For IPv6, we use ULA (that is, fd00::/8). Some participans also announce globally unique PI/PA address space, but these announcements are not accepted by most other participants. See also the [FAQ](/FAQ#frequently-asked-questions_what-about-ipv6-in-dn42).
	18	+For IPv6, we use ULA (that is, fd00::/8).
	19	+
	20	+See also the howto page covering the [DN42 address space](/howto/Address-Space).
17	21
18	22	## AS numbers
19	23
...	...	@@ -37,25 +41,15 @@ A telegram whois bot owned by [@Oxygen233](https://t.me/oxygen233) is hosted on
37	41
38	42	Privacy mode is enabled, please call the bot with @DN42WhoisBot when necessary.
39	43
40		-# Web interface
	44	+# Web interface and REST API
41	45
42		-[http://explorer.burble.dn42/](http://explorer.burble.dn42/) ([https://explorer.burble.com/](https://explorer.burble.com/) via clearnet) provides a web interface and REST API for querying the DN42 registry.
	46	+[https://explorer.burble.dn42/](https://explorer.burble.dn42/) ([https://explorer.burble.com/](https://explorer.burble.com/) via clearnet) provides a web interface and REST API for querying the DN42 registry.
43	47
44		-A previous web interface hosted at Nixnodes, is no longer working. ([https://io.nixnodes.net/?registry](https://io.nixnodes.net/?registry]))
	48	+The service is provided by [dn42regsrv](https://git.dn42.us/burble/dn42regsrv) which can also be run locally.
45	49
46	50	## Authentication
47	51
48		-To add or edit records with the web interface, authentication is done thanks to maintainer objects. Each maintainer object has a password associated to it.
49		-
50		-The password are not stored in cleartext in the registry: a hash is computed from the password and the name of the maintainer object. To generate such a hash (e.g. in case you forgot your password), use https://io.nixnodes.net/nctlio.php?m=dnr&gen=mypassword&mnt=MYMAINTAINER-MNT
51		-
52		-## REST API with JSON response
53		-
54		-Read-only, responses are encoded in JSON, for details please consult https://rest.dn42/ .
55		-
56		-## Misc
57		-
58		-A read-only interface is also available at http://ix.ucis.dn42/dn42/ ([public](http://ix.ucis.nl/dn42/) or 172.22.166.3). The used PHP scripts are available from UFO a.k.a. Ivo at request.
	52	+See the page on [Registry Authentication](howto/Registry-Authentication)
59	53
60	54	# DNS interface
61	55
...	...	@@ -71,12 +65,6 @@ The Python code for generating the zone from the registry is available on the mo
71	65
72	66	The idea comes from the guys at cymru.com, who provide this service for the Internet (e.g. `AS1.asn.cymru.com`), see https://www.team-cymru.org/Services/ip-to-asn.html#dns
73	67
74		-# Address space
75		-
76		-There is nice 3djs visualisation showing current address space usage: http://dataviz.polynome.dn42/dn42-netblock-visu/registry.html ([public](http://dataviz.polyno.me/dn42-netblock-visu/registry.html) or 172.23.184.71). The input data is taken from the registry.
77		-
78		-Another visualisation shows the prefixes seen by BGP: http://dataviz.polynome.dn42/dn42-netblock-visu/index.html ([public](http://dataviz.polyno.me/dn42-netblock-visu/index.html) or 172.23.184.71).
79		-
80	68	# Software
81	69
82	70	* [[lglass]] is a python implementation for working with the registry. It features a whois server, tools to manipulate the data (DNS zone generation, etc).
...	...	@@ -88,14 +76,11 @@ We have anycast IPv4 and IPv6, both reachable under whois.dn42. IPs are 172.22.0
88	76
89	77	\| person \| dns \| ip \|
90	78	\|------------\|---------------------------\|-----------------\|
91		-\| nixnodes \| whois.nixnodes.dn42 \| 172.22.177.77 / fd42:1107::c0:e \|
92	79	\| org-cccda \| whois.cda.dn42 \| 172.23.96.1 / fd42:23:cda::1 \|
93		-\| w0h \| whois.w0h.dn42 \| 172.22.232.6 / fd2d:a6da:8d1a:1408::6 \|
94	80	\| weiti \| whois.weiti.dn42 \| 172.20.175.253 / fdf7:17d5:de49::43 \|
95		-\| Mic92 \| whois.evenet.dn42 ([whois42d](https://git.dn42.us/dn42/whois42d)) \| 172.23.75.1 / fd42:4992:6a6d::6 \|
96		-\| Fritz \| whois.flhb.de \| 172.22.70.69 / 2001:67c:708:102:5054:ff:fe57:9573 / fdd6:aff6:5f6f:102:5054:ff:fe57:9573 \|
97	81	\| NIA \| whois.nia.dn42 \| 172.20.158.153 / fd00:1926:817:43::1 \|
98	82	\| Lan Tian \| whois.lantian.dn42 \| 172.22.76.108 / fdbc:f9dc:67ad:2547::43 \|
	83	+\| burble \| whois.burble.dn42 \| 172.20.129.8 / fd42:4242:2601:ac43::1 \|
99	84
100	85	### Down?
101	86
...	...	@@ -103,6 +88,9 @@ We have anycast IPv4 and IPv6, both reachable under whois.dn42. IPs are 172.22.0
103	88	\|------------\|---------------------------\|-----------------\|
104	89	\| welterde \| thinkbase.srv.welterde.de \| 46.4.248.201 \|
105	90	\| prauscher \| sheldon.prauscher.dn42 \| 172.22.120.1 \|
	91	+\| w0h \| whois.w0h.dn42 \| 172.22.232.6 / fd2d:a6da:8d1a:1408::6 \|
	92	+\| Mic92 \| whois.evenet.dn42 ([whois42d](https://git.dn42.us/dn42/whois42d)) \| 172.23.75.1 / fd42:4992:6a6d::6 \|
	93	+\| Fritz \| whois.flhb.de \| 172.22.70.69 / 2001:67c:708:102:5054:ff:fe57:9573 / fdd6:aff6:5f6f:102:5054:ff:fe57:9573 \|
106	94
107	95	## Usage
108	96	```sh
...	...	@@ -142,58 +130,3 @@ sudo ruby whoisd.rb nobody
142	130	## Whois restful API
143	131	Note: this service is in beta testing, use at your own risk.
144	132	https://whois.rest.dn42/
145		-
146		-# Monotone
147		-Monotone is an distributed revision control system. Monotone tracks revisions to files, groups sets of revisions into changesets, and tracks history across renames. The design principle is distributed operation making heavy use of cryptographic primitives to track file revisions (via the SHA-1 secure hash) and to authenticate user actions (via RSA cryptographic signatures). Each participant maintains their own revision history store in a local SQLite database. Monotone is especially strong in its support of a diverge/merge workflow, which it achieves in part by always allowing commit before merge. Revisions are exchanged using the custom netsync protocol which shares some conceptual ground with rsync and cvs.
148		- * [Website](http://monotone.ca/)
149		- * [Tutorial](http://monotone.ca/docs/Tutorial.html)
150		-
151		-## Monotone servers
152		-
153		-\| Person \| Address \| Status \|
154		-\|----------\|----------------------------------------\|--------\|
155		-\| crest \| mtn.crest.dn42 \| UP \|
156		-\| siska \| mtn.nixnodes.net (mtn.nixnodes.dn42) \| UP \|
157		-\| dracoling \| dn42.smrsh.net (net.smrsh.dn42) \| UP \|
158		-\| xuu \| mtn.xuu.dn42 (172.22.141.181) \| UP \|
159		-\| zorun \| mtn.polyno.me / mtn.polynome.dn42 (172.23.184.71)\| UP \|
160		-\| Nurtic-Vibe \| mtn.dn42.eu / mtn.grmml.dn42 (172.23.149.20/fd42:23:149:1::20)\| UP \|
161		-\| toBee \| mtn.mhm.dn42 (172.23.67.120)\| UP \|
162		-\| hexa- \| mtn.lossy.network (172.23.42.130) \| UP \|
163		-\| tombii \| mtn.tombii.dn42 (172.22.102.133) \| UP \|
164		-\| Mic92 \| mtn.evenet.dn42 (172.23.75.6/fd42:4992:6a6d::6) \| UP \|
165		-\| weiti \| mtn.weiti.dn42 (172.20.175.251/fdf7:17d5:de49::251) \| UP \|
166		-
167		-
168		-## Monotone branches
169		- * net.dn42.registry: Contains the registry and some related code
170		-
171		-## Client setup
172		-```sh
173		-mtn genkey [email protected]
174		-mtn pubkey [email protected] # send the output to some $monotone_server operator (do NOT send the keypair!)
175		-mtn clone 'mtn://$monotone_server/?net.dn42.*' --branch net.dn42.registry
176		-cd net.dn42.registry
177		-$add_your_objects
178		-mtn add --unknown
179		-mtn ci -k [email protected]
180		-mtn sync
181		-```
182		-
183		-## Server setup
184		-
185		-Debian has a package "monotone-server", with config located in "/etc/monotone".
186		-
187		-### Allowing somebody to write to a monotone server
188		-
189		-If you want to allow somebody else to write to your monotone server (for instance for somebody to sync with you), you first need to import their key, here on Debian:
190		-
191		- mtn --db /var/lib/monotone/default.mtn read < pubkey
192		-
193		-Then edit the file `write-permissions` (`/etc/monotone/write-permissions` on Debian) to add the email address associated with the public key.
194		-
195		-References: http://www.monotone.ca/docs/Basic-Network-Service.html#Basic-Network-Service and https://geti2p.net/en/get-involved/guides/monotone#obtaining-and-deploying-developers-keys
196		-
197		-### Tips and tricks
198		-
199		-Pro-tip: monotone seems to use `SO_V6ONLY`, which is annoying. To bind to both IPv4 and IPv6, use `ADDRESS=":: --bind 0.0.0.0"` in `/etc/default/monotone`.