Meeting 2018-02-14

Agenda

• The new router in Coloclue's rack at DCG!
• Tunnels: to encrypt or not to encrypt?
• What are we going to do with all those IPv6 addresses RIPE is assigning to us?
• Implementing Babel routing and Gluon firmware
• Usage of the amsw.nl DNS zone
• Services in the network
• Node maintenance
• Wireless interference

Minutes

• Location: Technologia Incognita
• Present: Hark, Bastian, Martin, Imre, TG, Stepan.
• We will not request an AS number until we can get multihomed by peering with another ISP, or if we lease a /24 from Torservers.net.
• Imre will provision the new router with Ansible once the IPv6 addresses are assigned.
• We will not encrypt tunnels because of overhead (and resulting increase in electricity costs) and the false sense of security (parts of the path are unencrypted). Wireless backbone links will stay WPA2-encrypted because we don't want the public to directly connect.
• Gluon routers will be configured to use one /64 for the mesh routing interface (Babel), and another /64 for use by clients (SLAAC).
• Freifunk flensburg, kiel, nordwest and nord (fnord) experiment with Babel. See nordcon.
• Using only Babel in the mesh is preferred over using both Babel and OSPF.
• Hark and Imre will figure out if Babel supports hostname announcements.
• Dual stack with distributed DHCP for all connected devices is preferred, DS-Lite is another option. NAT64 is a last resort.
• Imre will look at distributing the amsw.nl zone in the mesh with Git.
• Every node will run a caching DNS forwarder, we will need to run DNS resolvers in the network (possibly using anycast, which Babel supports)
• Every node needs a reverse DNS entry for easy network diagnostics.
• Services in the network and backbone node maintainers should be listed in the wiki.
• Stepan will look at moving clientwfc on the ACTA roof a bit, the fresnel zone is partially obstructed by a wall right now.
• Next meeting: 2018-02-28 @ ADM