1
0
Fork 0
mirror of https://github.com/NeoCloud/NeoNetwork synced 2024-12-25 13:49:23 +08:00

Merge remote-tracking branch 'upstream/master'

This commit is contained in:
Myer921 2020-05-22 17:28:19 +08:00
commit 52f36b59a1
No known key found for this signature in database
GPG key ID: 9E1B111EDB23F381
45 changed files with 223 additions and 47 deletions

View file

@ -22,19 +22,30 @@ jobs:
run: |
sudo apt update -qq
sudo apt install -y python3 git openssh-client
sudo apt install -y curl
curl -L https://github.com/pyenv/pyenv-installer/raw/master/bin/pyenv-installer | bash
export PATH="$HOME/.pyenv/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
pyenv install 3.8.2
pyenv shell 3.8.2
- name: Run roa script
shell: bash
run: |
export PATH="$HOME/.pyenv/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
pyenv shell 3.8.2
maxlen4=29
maxlen6=64
mkdir -p roa_dir
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -o roa_dir/roa46_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -o roa_dir/roa46_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json
- name: Upload files
env:

View file

@ -22,16 +22,27 @@ jobs:
run: |
sudo apt update -qq
sudo apt install -y python3 git openssh-client
sudo apt install -y curl
curl -L https://github.com/pyenv/pyenv-installer/raw/master/bin/pyenv-installer | bash
export PATH="$HOME/.pyenv/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
pyenv install 3.8.2
pyenv shell 3.8.2
- name: Run roa script
shell: bash
run: |
export PATH="$HOME/.pyenv/bin:$PATH"
eval "$(pyenv init -)"
eval "$(pyenv virtualenv-init -)"
pyenv shell 3.8.2
maxlen4=29
maxlen6=64
mkdir -p roa_dir
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -o roa_dir/roa46_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -o roa_dir/roa46_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -4 -o roa_dir/roa4_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -6 -o roa_dir/roa6_bird2.conf
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -j -o roa_dir/roa46.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -e -o roa_dir/neonetwork.json
pyenv exec python3 scripts/roa.py -m ${maxlen4} -M ${maxlen6} -r -o roa_dir/rfc8416.json

View file

@ -1,10 +1,9 @@
# NeoNetwork
A useless VPN network ready for peering!
**WARNING:** This network is not interconnected to DN42 yet
This network is connected with [DN42](https://dn42.net)
Git Repo. [here](https://git.neocloud.tw)
Pull requests are welcomed!
Working language: `zh_* / en_*`
Telegram Group invitation link available at TXT record of `join-telegram.neocloud.tw`
## IXs
@ -27,11 +26,12 @@ Any protocol supported by Bird, Quagga or FRRouting, BGP recommended.
All IPv4 addresses are under the range 10.127.0.0/16
All IPv6 addresses are under the range fd10:127::/32
see routes.txt for allocated domain.
see [route](https://github.com/NeoCloud/NeoNetwork/tree/master/route)
and [route6](https://github.com/NeoCloud/NeoNetwork/tree/master/route6) for allocated subnet.
## DNS
There's a bind9 server on dns.neocloud.tw (10.127.225.2), all domain names are under ".neo".
There's a bind9 server on dns.neocloud.tw (`10.127.225.2` and `fd10:127:5f37:59df::255:2`), all domain names are under ".neo".
## Connection Graph
@ -44,5 +44,6 @@ There's a bind9 server on dns.neocloud.tw (10.127.225.2), all domain names are u
entity/ Entitys
route/ Network subnet allocation
node/ Nodes
peer/ Peering status
vpn/ VPN configuration examples (Tinc & WireGuard)
dns/ Bind9 DNS zone files and example configuration

4
asn/AS134098 Normal file
View file

@ -0,0 +1,4 @@
NAME="Licson Internal Network"
OWNER="licson"
DESC=""
VALID="YES"

3
asn/AS4201270012 Normal file
View file

@ -0,0 +1,3 @@
NAME="Yhi Interconnect"
OWNER="Junde Yhi"
DESC=""

3
asn/AS4201270014 Normal file
View file

@ -0,0 +1,3 @@
NAME="leedagee"
OWNER="leedagee"
DESC=""

3
asn/AS4242420916 Normal file
View file

@ -0,0 +1,3 @@
NAME="alanyhq"
OWNER="alanyhq"
DESC="alanyhq main"

View file

@ -17,6 +17,7 @@ $TTL 604800
10.1 IN PTR neostorage.neonetwork.
80.1 IN PTR NeoSystem.neo.
1.3 IN PTR pan.neo.
16.2 IN PTR caasih.neo.
185.8 IN PTR staph.neo.
187.8 IN PTR staph-cn.neo.

View file

@ -15,13 +15,12 @@ $TTL 604800
root IN CNAME neo.
NeoPDP-11 IN A 10.127.255.1
ucbvax IN A 10.127.255.2
caasih IN A 10.127.0.1
caasih IN A 10.127.2.16
NeoSystem IN A 10.127.255.80
neostorage IN A 10.127.1.10
NeoBOX IN A 10.127.1.20
cklvax IN A 10.127.1.40
NNPCC IN A 10.127.1.63
NeoVAX IN A 10.127.0.38
pan IN A 10.127.3.1
staph IN A 10.127.8.185
staph-cn IN A 10.127.8.187

View file

@ -11,11 +11,10 @@
<h1>NeoNetwork</h1>
<p>A useless VPN network ready for peering!<br/>
<strong>WARNING:</strong> This network is not interconnected to DN42 yet<br/>
This network is connected with <a href="https://dn42.net">DN42</a><br/>
Git Repo. <a href="https://git.neocloud.tw">here</a><br/>
Pull requests are welcomed!<br/>
Working language: <code>zh_* / en_*</code><br/>
Telegram Group invitation link available at TXT record of <code>join-telegram.neocloud.tw</code></p>
Working language: <code>zh_* / en_*</code></p>
<h2>IXs</h2>
@ -33,17 +32,18 @@ megumi.yukipedia.cf (10.127.30.1, ASN 4242421037)
<h2>Routing Protocols</h2>
<p>Any protocol supported by Quagga or FRRouting, recommended to use BGP.</p>
<p>Any protocol supported by Bird, Quagga or FRRouting, BGP recommended.</p>
<h2>IP Addresses</h2>
<p>All IPv4 addresses are under the range 10.127.0.0/16<br/>
All IPv6 addresses are under the range fd10:127::/32<br/>
see routes.txt for allocated domain.</p>
see <a href="https://github.com/NeoCloud/NeoNetwork/tree/master/route">route</a>
and <a href="https://github.com/NeoCloud/NeoNetwork/tree/master/route6">route6</a> for allocated subnet.</p>
<h2>DNS</h2>
<p>There&rsquo;s a bind9 server on dns.neocloud.tw (10.127.225.2), all domain names are under &ldquo;.neo&rdquo;.</p>
<p>There&rsquo;s a bind9 server on dns.neocloud.tw (<code>10.127.225.2</code> and <code>fd10:127:5f37:59df::255:2</code>), all domain names are under &ldquo;.neo&rdquo;.</p>
<h2>Connection Graph</h2>
@ -56,6 +56,7 @@ asn/ BGP AS Number allocation
entity/ Entitys
route/ Network subnet allocation
node/ Nodes
peer/ Peering status
vpn/ VPN configuration examples (Tinc &amp; WireGuard)
dns/ Bind9 DNS zone files and example configuration
</code></pre>

View file

@ -8,3 +8,7 @@ NAME=""
OWNER=""
# Description
DESC=""
# if it's a ASN registered from *NIC, this variable records
# whether members of NeoNetwork have validated its ownership yet
# possible value: "YES" "NO"
VALID=""

View file

@ -16,3 +16,5 @@ CONTACT=(
BABEL=(
""
)
# OpenPGP key fingerprint
AUTH="PGP:"

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH="PGP:186242204A2EC70438E9CE3B9D9CE43650FF2BAA"

19
entity/Junde Yhi Normal file
View file

@ -0,0 +1,19 @@
NAME="Junde Yhi"
DESC=""
CONTACT=(
"EMAIL:lmy441900@live.com"
"TELEGRAM:@lmy441900"
"MASTODON:@lmy441900@sn.angry.im"
"GITHUB:lmy441900"
)
BABEL=(
"zh-N"
"zh-hans-N"
"zh-hant-2"
"en-3"
"de-0"
"ru-0"
"jp-0"
"fi-0"
)
AUTH="PGP:E6C74782A1FBEE741D09885FD274286F672C800A"

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
"en"
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -14,3 +14,4 @@ BABEL=(
"en-2"
"ja-0"
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
"zh|en-1"
)
AUTH=""

View file

@ -11,3 +11,4 @@ BABEL=(
"zh-N"
"en-2"
)
AUTH="PGP:D306BB628837043150CD1E42CA0957540FD996CD"

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -8,5 +8,10 @@ CONTACT=(
"GITHUB: StephDC"
)
BABEL=(
""
"zh-N"
"en-4"
"ja-2"
"es-1"
"fr-1"
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

14
entity/alanyhq Normal file
View file

@ -0,0 +1,14 @@
NAME="alanyhq"
DESC=""
CONTACT=(
"EMAIL:"
"TELEGRAM:@alanyhq"
"IRC:alanyhq"
"MASTODON:"
"GITHUB:"
)
BABEL=(
"zh-N"
"en-2"
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

13
entity/leedagee Normal file
View file

@ -0,0 +1,13 @@
NAME="leedagee"
DESC=""
CONTACT=(
"EMAIL:leedageea@gmail.com"
"TELEGRAM:@leedagee"
"IRC:lizr"
"GITHUB:leedagee"
)
BABEL=(
"zh-N"
"en-2"
)
AUTH="PGP:47627D2288B20CC033C7B7D72D83E4E89C15DA36"

13
entity/licson Normal file
View file

@ -0,0 +1,13 @@
NAME="licson"
DESC=""
CONTACT=(
"EMAIL:admin@licson.net"
"TELEGRAM:licson"
"IRC:licson"
"MASTODON:"
"GITHUB:licson0729"
)
BABEL=(
""
)
AUTH=""

View file

@ -10,3 +10,4 @@ CONTACT=(
BABEL=(
""
)
AUTH=""

4
node/leedagee Normal file
View file

@ -0,0 +1,4 @@
ASN="4201270014"
DESC=""
IP=(
)

View file

@ -1,4 +1,5 @@
ASN="4201270007"
DESC=""
DESC="Home of S. aureus in Amsterdam"
IP=(
"10.127.8.185/29"
)

4
node/yhi-h Normal file
View file

@ -0,0 +1,4 @@
ASN="AS4201270012"
DESC=""
IP=(
)

View file

@ -20,8 +20,8 @@ digraph "NeoNetwork Nodes"
magicneko_RU01 [label="M-RU1\n(10.127.4.14,\nfd10:127:0233:7170:2021::10.127.4.14)"]
magicneko_JP03 [label="M-JP3\n(10.127.4.15,\nfd10:127:0233:7170:2021::10.127.4.15)"]
magicneko_CN01 [label="M-CN1\n(10.127.4.101,\nfd10:127:0233:7170:2021::10.127.4.101)"]
staph [label="s.aureus.ga\n(10.127.8.185)\n(AS4201270007)"]
staph_CN [label="cnhome.aureus.ga\n(10.127.8.187)\n(AS4201270007)"]
staph [label="s.aureus.ga\n(10.127.8.185\nfd10:127:7::1)\n(AS4201270007)"]
staph_CN [label="cnhome.aureus.ga\n(10.127.8.187\nfd10:127:7::3)\n(AS4201270007)"]
chenx97 [label="chenx97.neocloud.tw\n(AS4201270003)"]
JerryXiao [label="jpn.neo.jerryxiao.cc\n(10.127.8.193)"]
JerryXiao_SH01 [label="jerryxiao-sh01\n(10.127.8.195)"]

4
route/10.127.14.0,23 Normal file
View file

@ -0,0 +1,4 @@
TYPE="SUBNET"
NAME="LICSON-NET-SUBALLOC-1"
DESC=""
ASN="134098"

4
route/10.127.23.0,29 Normal file
View file

@ -0,0 +1,4 @@
TYPE="SUBNET"
NAME="leedagee"
DESC="leedagee"
ASN="4201270014"

4
route/10.127.5.0,28 Normal file
View file

@ -0,0 +1,4 @@
TYPE=SUBNET
NAME="yhi-h"
DESC="Yhi Interconnect H"
ASN="AS4201270012"

View file

@ -1,4 +1,4 @@
TYPE="SUBNET"
NAME="StaphNet"
DESC="For Staph equipments around the world"
DESC="For Staph-infected equipments around the world"
ASN="4201270007"

View file

@ -0,0 +1,4 @@
TYPE="SUBNET"
NAME="leedagee"
DESC="leedagee"
ASN="4201270014"

View file

@ -1,4 +1,4 @@
TYPE=SUBNET
NAME="CROOM"
DESC="For CROOM connectivity"
NAME="NeoNetwork Origin"
DESC="Neo_Chen's Network"
ASN="4201270000"

4
route6/fd10:127:7::,48 Normal file
View file

@ -0,0 +1,4 @@
TYPE="SUBNET"
NAME="Staph_v6"
DESC="Staph-infected IPv6 subnet - please do not disinfect"
ASN="4201270007"

View file

@ -38,7 +38,7 @@ for i in *; do
if [ "$TYPE" = "LO" ]; then
ip="${i/,32/}"
print_record "$(ipcalc "$ip" 0)" "$NAME.neo" >> "$LO_TEMP"
print_record "$(ipcalc "$ip" 0)" "$NAME.neo." >> "$LO_TEMP"
fi
done
)

View file

@ -99,7 +99,7 @@ if [ $# -lt 1 ]; then
"Usage: table-output.sh <table type>\n" \
"\n" \
" table types:\n" \
" asn, route, people, node\n"
" asn, route, entity, node\n"
fi
arg="$2" # Optional argument
@ -123,15 +123,28 @@ route)
subnet="${subnet/,/\/}"
source "$i"
case "$TYPE" in
TUN30) print_tun30 "$subnet" "$PROTO" "$UPSTREAM" "$DOWNSTREAM";;
SUBNET) print_subnet "$subnet" "$NAME" "$DESC";;
LO) print_lo "$subnet" "$NAME" "$DESC";;
*) errmsg "Invalid \$TYPE in $i\n";;
esac
done
;;
people);;
node);;
entity);;
node)
for i in node/*; do
node="${i#node/}"
source "$i"
echo -e \
"${BRIGHT}${BBLUE}${FYELLOW}========================================${RESET}"
printf "${BRIGHT}${FYELLOW}%12s${RESET} | ${BRIGHT}${FGREEN}%20s${RESET} | ${FCYAN}%s${RESET}\n" "AS${ASN}" "$node" "$DESC"
for ip in "${IP[@]}"; do
printf "\t%s\n" "$ip"
done
done
;;
*) errmsg "Invalid type\n";;
esac

View file

@ -9,9 +9,7 @@ import re
NEONET_ADDR_POOL = ('10.127.0.0/16', 'fd10:127::/32')
NEONET_ADDR_POOL = [ip_network(neo) for neo in NEONET_ADDR_POOL]
IS_NEONET = lambda net: bool([True for neo in NEONET_ADDR_POOL if net.version == neo.version and net.subnet_of(neo)])
if not hasattr(IPv4Network, 'subnet_of'):
IS_NEONET = lambda x: True
print('# [!] IPv4Network has no attr subnet_of, please consider upgrading your python installation')
assert hasattr(IPv4Network, 'subnet_of') # needs at least python 3.7
class BashParser:
def __init__(self):
@ -79,7 +77,7 @@ def neoneo_get_people():
if not f.is_file():
continue
fc = shell2dict(f.read_text())
present_keys = ('name', 'desc', 'contact', 'babel')
present_keys = ('name', 'desc', 'contact', 'babel', 'auth')
assert f.name
people[f.name] = {k: fc.get(k) for k in present_keys}
nic_hdl = name2nichdl(f.name)
@ -88,6 +86,15 @@ def neoneo_get_people():
people[f.name]['nic_hdl'] = nic_hdl
for v in people[f.name].values():
assert v is not None
auth = people[f.name]['auth']
if auth:
method, data = auth.split(':')
assert method in ('PGP', 'SSH')
if method == 'PGP':
assert len(data) == 40 # invaild pgp fingerprint
elif method == 'SSH':
assert data.startswith('ssh-') # invalid ssh pubkey
people[f.name]['auth'] = f"{'pgp-fingerprint ' if method == 'PGP' else ''}{data.strip()}"
except Exception:
print("[!] Error while processing file", f)
raise
@ -171,16 +178,22 @@ def neonet_route2roa(dirname, is_ipv6=False):
print("[!] Error while processing file", f)
raise
roa_entries.sort(key=lambda l: l['asn'])
l_prefix = [_roa['prefix'] for _roa in roa_entries]
for _net1, _net2 in combinations(roa_entries, 2):
net1, net2 = sorted([_net1, _net2], key=lambda net: net['prefix'].prefixlen)
if net1['prefix'].overlaps(net2['prefix']):
if net1['prefix'] != net2['prefix'] and net1['prefix'].supernet_of(net2['prefix']) \
and net2['supernet'] == net1['prefix']:
# This is allowed
pass
else:
print("[!] Error: found", net2, "overlaps", net1)
raise AssertionError # if this is intended, please include SUPERNET=<cidr> in your route
try:
assert net1['prefix'] != net2['prefix']
assert net1['prefix'].supernet_of(net2['prefix'])
s1net, s2net= (net1['supernet'], net2['supernet'])
assert s2net # please include SUPERNET=<cidr> in your route
# if net1(the bigger net) has a supernet s1net, then s1net and net1
# will be checked or must have been checked, same for net2
assert not s1net or s1net in l_prefix # net1.supernet is garbage
assert s2net == net1['prefix'] or s2net in l_prefix # net2.supernet is garbage
except AssertionError:
print("[!] Error: found", net1, "overlaps", net2)
raise
return roa_entries
if __name__ == "__main__":