What is DN42?
Decentralized Network 42, or DN42, is a volunteer “overlay” global network made up of thousands of routers nodes interconnected with each other via VPN tunnels. DN42 operates using Internetrouting protocols such as BGP and OSPF, enabling users to run services such as websites and DNS servers in a similar way to the real internet.
The aim of DN42 is to provide a safe and realistic BGP “sandbox” environment for system administrators to practice using routing and other network technologies. Running a BGP system on the real internet requires paying costly registration fees, whereas DN42 is free to use.
The DN42 wiki homepage is located at https://wiki.dn42.us
This article contains my practical notes on the registering process and setting up the environment in order to connect to DN42.
To join DN42 you first have to download a copy of the current DN42 registry database. This is a text-file directory system which is stored as a Git repository on a Git server at DN42.
The Git repository is maintained by a group of moderators who review and approve all registration requests for using DN42. DN42 assigns the Autonomous Systems Numbers (ASNs) for the BGP routers the users operate as well as the IP address ranges to be used.
This is the DN42 equivalent of a Regional Internet Registry (RIR), such as the ARIN in North America, RIPE for Europe, or the APNIC for Asia Pacific.
The DN42 registry is located at at https://git.dn42.us/dn42/registry
To join DN42 you download a copy of the registry, then add your data to your copy, and then submit a Git change request back to the DN42 main Git registry
First of all you need to sign up to the DN42 Git registry using an email address. Then navigate to the main DN42 Git repository and create a fork of the registry by clicking the ‘Fork’ button. This downloads a copy of the repository to your own Git registry account.
You then add an SSH public key to your registry account so you can then authenticate to it using by Git over SSH from the command-line. You can either use an existing SSH public key that you already have, or else create a new SSH key pair in the usual way, specially for this account as follows:
ssh-keygen -t rsa -b 4096
Then upload this public key to your registry account via your account settings.
You should make sure you sign all your change requests using either a GPG key or an SSH key to prevent other users from submitting false change requests to the registry on your behalf.
The SSH key you used when creating your registry objects has to be deployed to sign all your change requests to validate your identity so they can be accepted by the DN42 registry moderators.
To be sure that you will be using the correct private key for the DN42 Git connection, add the following to your ~/.ssh/config file:
host git.dn42.us
IdentityFile ~/.ssh/your-ssh-private-key
You should now be able to test connecting to the registry, thus:
ssh -T git@git.dn42.us
This initial SSH session should automatically close immediately after connection as it is just a test.
Now you can clone the DN42 Git registry repository:
git clone git@git.dn42.us:your-registry-username-here/registry.git
This downloads a full local copy of the current DN42 registry. You can browse the directory tree and view all of the files, and add your own local changes, before submitting them back to the main DN42 repository.
How To Create DN42 Registry Objects
The structure of the DN42 registry follows closely the structure of an Internet Routing Registry (IRR) which manages the real internet, such as ARIN or RIPE.
All the data submitted to the DN42 registry is shared publicly among the DN42 participants. This allows networks to correctly route traffic correctly around the world in the same way as is done on the real Internet.
To register your network to participate on DN42, you create a series of data files – known as registry objects within your downloaded local copy of the registry. You can use any plain-text editor for this, but it must save in plain (ASCII) text, without any special formatting information. Nano or vi/vim are both suitable for this.
My ASN number is AS4242422352. I selected this from the DN42 registry from the list of freely available ASNs.
Initial DN42 User Registration
I created a Git account on the DN42 Git repository at https://git.dn42.dev/
username: BeeGeePee
pwd: *** (hidden)
email: k*@gmail.com (hidden)
I then uploaded my ssh public key for kevin on intel ie from my linux intel nuc computer to the DN42 Git account at git.dn42.dev.
I could then clone the dn42 repo ok:
kevin@intel:~/dn42$ git clone git@git.dn42.dev:dn42/registry.git Cloning into 'registry'... remote: Enumerating objects: 76982, done. remote: Counting objects: 100% (76982/76982), done. remote: Compressing objects: 100% (24231/24231), done. remote: Total 76982 (delta 55310), reused 73413 (delta 52679) Receiving objects: 100% (76982/76982), 10.19 MiB | 8.68 MiB/s, done. Resolving deltas: 100% (55310/55310), done. kevin@intel:~/dn42$
Next, create a branch for your changes:
The name of the branch. This has to be in the format: <username>-YYYYMMDD/<name>
whereby
<username> is your gitea username.
YYYYMMDD is current date.
<name> is a descriptive name you give for your change.
The branch must be created in the registry on the date described as in the branch name. Create the branch and the push it to the registry straight away:
git checkout BeeGeePee-20210528/mychange
kevin@intel:~/dn42/registry$ git checkout -b BeeGeePee-20210528/mychange Switched to a new branch 'BeeGeePee-20210528/mychange' kevin@intel:~/dn42/registry$
git push –set-upstream origin BeeGeePee-20210528/mychange
kevin@intel:~/dn42/registry$ git push --set-upstream origin BeeGeePee-20210528/mychange Total 0 (delta 0), reused 0 (delta 0) remote: remote: Create a new pull request for 'BeeGeePee-20210528/mychange': remote: https://git.dn42.dev/dn42/registry/compare/master...BeeGeePee-20210528/mychange remote: remote: . Processing 1 references remote: Processed 1 references in total To git.dn42.dev:dn42/registry.git * [new branch] BeeGeePee-20210528/mychange -> BeeGeePee-20210528/mychange Branch 'BeeGeePee-20210528/mychange' set up to track remote branch 'BeeGeePee-20210528/mychange' from 'origin'. kevin@intel:~/dn42/registry$
Next, make the changes on your new branch. See the getting started guide in the Wiki for more information.
Run the schema checking tools to validate your changes before adding and committing to the git repository:
./fmt-my-stuff MNTNER-MNT
./check-my-stuff MNTNER-MNT
./check-pol origin/master MNTNER-MNT
$EDITOR <change some stuff>
git add .
git commit
Note the dot . after git add – this is important!
Remember to add authentication to your mntner object, and also to sign your commit!
The registry includes a number of scripts to help check your request:
fmt-my-stuff <FOO>-MNT: this automatically fixes minor formatting errors
check-my-stuff <FOO>-MNT: this validates your objects with registry requirements
check-pol origin/master <FOO>-MNT: this checks for any policy violations
squash-my-commits: run this to automatically update and squash your local commits
sign-my-commit: this signs your commit using either your pgp key or else by using standard SSH signing
You can browse the registry and have a look at the pull request queue for examples and to see how the process works and the types of questions asked by the registry maintainers.
We will create several types of objects as part of our application to join the DB42 registry:
maintainer objects: which are authenticated so that only you can edit your own objects
person objects: which describe people or organisations and provide contact information, and
resource objects: (AS number, IP subnet, DNS zone, etc).
All objects are simple text files in the specific subfolders, but note that the files must have a specific format.
The files should use spaces and not tabs between the definitions and the values and the attribute values must always start on the 20th space. Do NOT use any TABs!
If you are registering with DN42 as an individual and not as an organisation then “organization” is not required.
Create a file called [NICKNAME]-MNT under data/mntner directory.
My file (file name: dn42/registry/data/mntner/BEEGEEPEE-MNT) looks like this:
kevin@intel:~/cat dn42/registry/data/mntner/BEEGEEPEE-MNT mntner: BEEGEEPEE-MNT admin-c: BEEGEEPEE-DN42 tech-c: BEEGEEPEE-DN42 mnt-by: BEEGEEPEE-MNT source: DN42 auth: ssh-rsa ***** **** (public key hidden) remarks: created 28.5.2021
mntner: maintainer, this is the name of your account.
admin-c: admin contact, this points to a person file, ie [NICKNAME]-DN42.
tech-c: tech contact, this points to a person file, ie [NICKNAME]-DN42.
mnt-by: maintain by, this points to the account itself, ie [NICKNAME]-DN42.
source: this is “DN42”.
auth: this is your authentication info. It can be a GPG public key or an SSH public key.
IMPORTANT! The space between the name and the values for each entry MUST be exactly 20 characters long and must not be altered else the file will be rejected. Do NOT use TABs!
Then create the [NICKNAME]-DN42 under data/person. This holds your personal info eg name and email address:
data/person/BEEGEEPEE-DN42):
person: Kevin
contact: @gmail.com
nic-hdl: BEEGEEPEE-DN42
mnt-by: BEEGEEPEE-MNT
source: DN42
Select an Autonomous System Number
Next you need to select an Autonomous System Number, or ASN for your BGP router.
On the real Internet, ASN range 4200000000 – 4294967294 is reserved for private users, while DN42 uses one small section of it: 4242420000 – 4242423999.
So you need to choose an ASN within this range which is not currently already in use and then create a file under data/aut-num.
To check if a desired AS number is available, use the explorer site at (add your desired AS number):
https://explorer.burble.com/?#/aut-num/AS4242422352
The file items are:
aut-num: Your own ASN.
as-name: The name of the AS. You can set this to [NICKNAME]-AS.
descr: A description of the AS which can be freely chosen.
admin-c: Your network admin contact person, which points to your DN42 person file, ie [NICKNAME]-DN42.
tech-c: Your tech contact person, which points to your DN42 person file, ie [NICKNAME]-DN42.
mnt-by: This points to your DN42 mntner file, ie [NICKNAME]-MNT.
source: This is “DN42”.
So, my aut-num file looks like this:
file data/aut-num/AS4242422352:
aut-num: AS4242422352
as-name: BEEGEEPEE-AS
descr: Peer with me at @gmail.com
admin-c: BEEGEEPEE-DN42
tech-c: BEEGEEPEE-DN42
mnt-by: BEEGEEPEE-MNT
source: DN42
Select an IP Range on DN42
Next you can select your IP range.
Browse the data/inetnum folder and look for a free IP range which you can use.
DN42’s IPv4 addresses have the range 172.20.0.0/14, = ie 172.20.0.0 – 172.23.255.255.
The smallest address block which you can register with DN42 is a /29 range, or 8 IPs.
Of these 8 IPs, only 6 will be usable for servers and other devices, since the first IP is reserved for marking the address range, and the last IP is reserved as the broadcast IP within the block.
Generally though, a /29 range will be adequate if you are a complete beginner who is not running a business or organization.
However, DN42 recommends registering for a /27 range. Remember though that DN42’s IPv4 addresses are a scarce resource. DN42 only has a limited number available, so do not waste them!
You can check for free IPs using:
https://explorer.burble.com/free#/4
http://172.20.45.80/28
16 IPs
Or use http://jodies.de/ipcalc?host=172.20.45.80&mask1=28&mask2=
or
https://www.calculator.net/ip-subnet-calculator.html?cclass=any&csubnet=28&cip=172.20.45.80&ctype=ipv4&printit=0&x=103&y=19
to calculate the ip address range for this subnet /28:
These are the results from both websites:
Address: 172.20.45.80 10101100.00010100.00101101.0101 0000
Netmask: 255.255.255.240 = 28 11111111.11111111.11111111.1111 0000
Wildcard: 0.0.0.15 00000000.00000000.00000000.0000 1111
=>
Network: 172.20.45.80/28 10101100.00010100.00101101.0101 0000 (Class B)
Broadcast: 172.20.45.95 10101100.00010100.00101101.0101 1111
HostMin: 172.20.45.81 10101100.00010100.00101101.0101 0001
HostMax: 172.20.45.94 10101100.00010100.00101101.0101 1110
Hosts/Net: 14 (Private Internet)
IP Address: 172.20.45.80
Network Address: 172.20.45.80
Usable Host IP Range: 172.20.45.81 – 172.20.45.94
Broadcast Address: 172.20.45.95
Total Number of Hosts: 16
Number of Usable Hosts: 14
Subnet Mask: 255.255.255.240
IP Class: C
CIDR Notation: /28
IP Type: Private
So, you would be using 172.20.45.81 for your first machine, and for the others, up to and inculding 172.20.25.94
and the broadcast address for this subnet will be 172.20.25.95
and the network subnet IP is 172.20.45.80
When you have chosen your IP range, create the file under data/inetnum.
The items in the file are:
inetnum: the range of your IP block. Use one of the calculators above for this.
netname: the name of your IP block, ie [NICKNAME]-IPV4).
remarks: & descr: This can be whatever you like.
country: your Internet country-code eg US for United States
admin-c: your admin contact, ie your person file, [NICKNAME]-DN42.
tech-c: your tech contact, ie your person file, [NICKNAME]-DN42.
mnt-by: your mntner file, [NICKNAME]-MNT.
nserver: your dns name servers for reverse resolution of your IP block. If you don’t know this or don’t require this, then you can remove the line.
status: this has a fixed value of ASSIGNED.
cidr: this is the CIDR-format range of your IP block, as for inetnum but expressed in CIDR-format.
source: this is “DN42”.
so, in my case I am using:
http://172.20.45.80/28
= 16 IPs
data/inetnum/172.20.45.80_28
inetnum: 172.20.45.81 – 172.20.45.94
netname: BEEGEEPEE-IPV4
remarks: Peer with me at @gmail.com
descr: Peer with me at @gmail.com
country: DE
admin-c: BEEGEEPEE-DN42
tech-c: BEEGEEPEE-DN42
mnt-by: BEEGEEPEE-MNT
nserver: ns1.beegeepee.dn42
status: ASSIGNED
cidr: 172.20.45.80/28
source: DN42
the country code you can find at https://www.apnic.net/get-ip/get-ip-addresses-asn/check-your-eligibility/iso-3166-codes/
eg
UNITED KINGDOM GB
GERMANY is DE
cat data/inetnum/172.20.45.80_28
kevin@intel:~/dn42/registry/data/inetnum$ cat 172.20.45.80_28 inetnum: 172.20.45.80 - 172.20.45.95 netname: BEEGEEPEE-IPV4 remarks: Peer with me at @gmail.com descr: Peer with me at @gmail.com country: DE admin-c: BEEGEEPEE-DN42 tech-c: BEEGEEPEE-DN42 mnt-by: BEEGEEPEE-MNT nserver: ns1.beegeepee.dn42 status: ASSIGNED cidr: 172.20.45.80/28 source: DN42
Create the Route Objects
The route object authorizes your AS to use the address. If you are going to announce your prefixes in dn42 as is usual, then you need to create a route6 object for ipv6 prefixes as well as a route object for ipv4 prefixes because this information is needed for Route Origin Authorization (ROA) checks.
This will also prevent accidental hijacking of other user’s prefixes. If you don’t do this, then your network is likely to get filtered out by most major BGP peers on DN42!
Create a file under data/route containing:
route: the range of your IP block.
descr: a description (can be anything)
origin: this is the AS you are authorizing to use this IP block. Enter your own ASN!
mnt-by: this is your mntner file, ie [NICKNAME]-MNT.
source: “DN42”.
So, for my ASN number AS4242422352, we create a file: data/route/172.20.45.80_28
and enter:
route: 172.20.45.80/28
descr: Peer with me at @gmail.com
origin: AS4242422352
mnt-by: BEEGEEPEE-MNT
source: DN42
Create an Ipv6 Block
Best choice is a random IPv6 block. You may use some random prefix generator.
eg using the dn42 explorer:
https://explorer.burble.com/free#/6
This generated an ipv6 subnet block of:
fd4c:6516:94e0::/48
The recommended IPv6 prefix size in DN42 is a /48. This provides plenty of address space. (IPv6 has plenty of space available in contrast to IPv4).
Then, at eg https://www.internex.at/de/toolbox/ipv6
calculate the range this gives you:
URL: https://www.internex.at/de/toolbox/ipv6/ip6=fd4c:6516:94e0::/prefix=48
RESULT
Entered Value fd4c:6516:94e0::/48
Address Type Unique-Local address
Expanded IPv6 fd4c:6516:94e0:0000:0000:0000:0000:0000/48
Minimized IPv6 fd4c:6516:94e0::/48
Network fd4c:6516:94e0::/48
First Address fd4c:6516:94e0:0000:0000:0000:0000:0000
Last Address fd4c:6516:94e0:ffff:ffff:ffff:ffff:ffff
Total /64 Networks 65 536
Network fd4c:6516:94e0::/48
So my range for IPv6 for this network is:
fd4c:6516:94e0:0000:0000:0000:0000:0000 – fd4c:6516:94e0:ffff:ffff:ffff:ffff:ffff
After generating your IPv6 block, create a file in data/inet6num similar to IPv4.
The items in the file are:
inet6num: the range of your IP block.
netname: the name of your IP block, ie [NICKNAME]-IPV6).
remarks & descr: can be anything.
country: your country code, ie DE, GB, US etc
admin-c: your admin contact, ie [NICKNAME]-DN42.
tech-c: your tech contact, ie [NICKNAME]-DN42.
mnt-by: your mntner file, ie [NICKNAME]-MNT.
nserver: your dns name servers for reverse resolution of the IP block. If not used, then remove the line.
status: this is “ASSIGNED”.
cidr: the range of your IP block, but expressed in CIDR-format.
source: this is “DN42”.
kevin@intel:~/dn42/registry$ cat data/inet6num/fd4c:6516:94e0::_48 inet6num: fd4c:6516:94e0:0000:0000:0000:0000:0000 - fd4c:6516:94e0:ffff:ffff:ffff:ffff:ffff netname: BEEGEEPEE-IPV6 descr: Peer with me at @gmail.com country: DE admin-c: BEEGEEPEE-DN42 tech-c: BEEGEEPEE-DN42 mnt-by: BEEGEEPEE-MNT nserver: ns1.beegeepee.dn42 status: ASSIGNED cidr: fd4c:6516:94e0::/48 source: DN42
kevin@intel:~/dn42/registry$
Then create a route6 object under data/route6, to authorize your AS to use your selected IP range.
The items in the file are:
route6: the range of your IP block.
descr: a description, whatever you like.
origin: the AS router you are authorizing to use this IP block, ie your ASN.
mnt-by: your mntner file, ie [NICKNAME]-MNT.
source: “DN42”.
kevin@intel:~/DATA/DN42/registry$ cat data/route6/fd4c:6516:94e0::_48 route6: fd4c:6516:94e0::/48 descr: Peer with me at @gmail.com origin: AS4242422352 mnt-by: BEEGEEPEE-MNT source: DN42
kevin@intel:~/DATA/DN42/registry$
I’m adding a dns server, this will be the first free ip in the subnet block, ie just one dns server, the intel nuc, this also has to be configured later.
There should ideally be two, but we will define just one for now.
DNS and Domain Registration
(This is optional)
To register a domain name, create a dns object in the data/dns directory, with domain names and nserver attributes in lowercase.
nano data/dns/beegeepee.dn42 domain: beegeepee.dn42 admin-c: BEEGEEPEE-DN42 tech-c: BEEGEEPEE-DN42 mnt-by: BEEGEEPEE-MNT nserver: ns1.beegeepee.dn42 172.20.45.81 nserver: ns1.beegeepee.dn42 fd4c:6516:94e0:0000:0000:0000:0000:0000 source: DN42
then carry out some checks:
kevin@intel:~/dn42/registry$ ./fmt-my-stuff BEEGEEPEE-MNT kevin@intel:~/dn42/registry$ ./check-my-stuff BEEGEEPEE-MNT [NOTE] ## Scan Started at 2021-05-28 20:47:01 CHECK data/mntner/BEEGEEPEE-MNT PASS MNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-28 20:47:01 [NOTE] ## Scan Started at 2021-05-28 20:47:01 CHECK data/person/BEEGEEPEE-DN42 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/aut-num/AS4242426834 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/mntner/BEEGEEPEE-MNT PASS MNTNERS: BEEGEEPEE-MNT [INFO] fd4c:6516:94e0::/48 CHECK data/inet6num/fd4c:6516:94e0::_48 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/route6/fd4c:6516:94e0::_48 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/inetnum/172.20.45.80_28 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/dns/beegeepee.dn42 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/route/172.20.45.80_28 PASS MNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-28 20:47:02 kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$ ./check-pol origin/master BEEGEEPEE-MNT kevin@intel:~/dn42/registry$ ./squash-my-commits Adding dn42registry remote: git@git.dn42.dev:dn42/registry.git Rebasing local changes against the registry master remote: Enumerating objects: 27, done. remote: Counting objects: 100% (27/27), done. remote: Compressing objects: 100% (18/18), done. remote: Total 18 (delta 9), reused 0 (delta 0) Unpacking objects: 100% (18/18), 2.39 KiB | 98.00 KiB/s, done. From git.dn42.dev:dn42/registry * branch master -> FETCH_HEAD * [new branch] master -> dn42registry/master First, rewinding head to replay your work on top of it... Fast-forwarded BeeGeePee-20210528/mychange to dn42registry/master. 0 local commits found, no squash is required kevin@intel:~/dn42/registry$
With that you have created all the object files you need for your DN42 application. Next you need to check the files and then commit the the registry.
Check the Object Files and Commit to the DN42 Registry
Next cd to the root folder of the git repository, and run:
git add .
git commit
The following is a copy-paste of the commands I entered to complete the process. Some edits and corrections were required by the DN42 registry moderators. These were carried out and the results added and committed using git.
kevin@intel:~/dn42/registry$ git add . kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$ git commit [BeeGeePee-20210528/mychange 355a0c222] adding new files Committer: kevin <kevin@intel.fritz.box> Your name and email address were configured automatically based on your username and hostname. Please check that they are accurate. You can suppress this message by setting them explicitly. Run the following command and follow the instructions in your editor to edit your configuration file: git config --global --edit After doing this, you may fix the identity used for this commit with: git commit --amend --reset-author 8 files changed, 61 insertions(+) create mode 100644 data/aut-num/AS4242426834 create mode 100644 data/dns/beegeepee.dn42 create mode 100644 data/inet6num/fd4c:6516:94e0::_48 create mode 100644 data/inetnum/172.20.45.80_28 create mode 100644 data/mntner/BEEGEEPEE-MNT create mode 100644 data/person/BEEGEEPEE-DN42 create mode 100644 data/route/172.20.45.80_28 create mode 100644 data/route6/fd4c:6516:94e0::_48 kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$
I then did:
git config –global –edit
to change the email address of committer to
k*@gmail.com
followed by:
kevin@intel:~/dn42/registry$ git commit On branch BeeGeePee-20210528/mychange Your branch is ahead of 'origin/BeeGeePee-20210528/mychange' by 3 commits. (use "git push" to publish your local commits)
nothing to commit, working tree clean kevin@intel:~/dn42/registry$ git push Enumerating objects: 29, done. Counting objects: 100% (29/29), done. Delta compression using up to 4 threads Compressing objects: 100% (19/19), done. Writing objects: 100% (19/19), 2.41 KiB | 2.41 MiB/s, done. Total 19 (delta 14), reused 0 (delta 0) remote: remote: Create a new pull request for 'BeeGeePee-20210528/mychange': remote: https://git.dn42.dev/dn42/registry/compare/master...BeeGeePee-20210528/mychange remote: remote: . Processing 1 references remote: Processed 1 references in total To git.dn42.dev:dn42/registry.git 979904ffd..a1ee32c10 BeeGeePee-20210528/mychange -> BeeGeePee-20210528/mychange kevin@intel:~/dn42/registry$
and then did:
kevin@intel:~/dn42/registry$ ./squash-my-commits Rebasing local changes against the registry master From git.dn42.dev:dn42/registry * branch master -> FETCH_HEAD Current branch BeeGeePee-20210528/mychange is up to date. 1 local commits found, no squash is required kevin@intel:~/dn42/registry$
Since others may have changed the registry while you’re adding your files, you need to update your repository:
kevin@intel:~/dn42/registry$ git fetch origin master From git.dn42.dev:dn42/registry * branch master -> FETCH_HEAD 979904ffd..e145545c9 master -> origin/master kevin@intel:~/dn42/registry$
then
# Switch to your own branch
NOTE! important: use correct upper and lower case for this name (BeeGeePee) – else does not work!
git checkout BeeGeePee-20210528/mychange
kevin@intel:~/dn42/registry$ git checkout BeeGeePee-20210528/mychange Already on 'BeeGeePee-20210528/mychange' Your branch is up to date with 'origin/BeeGeePee-20210528/mychange'. kevin@intel:~/dn42/registry$
then do:
# If you don’t have a GPG key, remove -S from command
git rebase -i -S origin/master
ie
git rebase -i origin/master
kevin@intel:~/dn42/registry$ git rebase -i origin/master Successfully rebased and updated detached HEAD. kevin@intel:~/dn42/registry$
then to upload your changes to the Git server:
kevin@intel:~/dn42/registry$ git push -f Everything up-to-date kevin@intel:~/dn42/registry$
ok, so far so good…
next, check the git log:
git log
I can see some entries for me in there…
commit a1ee32c10e553b34c4543c5996c4c368b14c25c1 (HEAD -> BeeGeePee-20210528/mychange, origin/BeeGeePee-20210528/mychange) Author: kevin <kevin@intel.fritz.box> Date: Fri May 28 22:55:33 2021 +0200
adding new files
changed committer email to @gmail.com
commit e145545c91c50a7fb2b3c7dc12812d1b84ece276 (origin/master, origin/HEAD, dn42registry/master)
Merge: 979904ffd 60f78449d
Author: <p0tat05@noreply.dn42.us>
Date: Fri May 28 14:12:57 2021 +0000
Merge pull request ‘Register LACERTAE-MNT’ (#833) from lacertae-20210528/register into master
Reviewed-on: https://git.dn42.dev/dn42/registry/pulls/833
Reviewed-by: schema-checker <schema-checker@noreply.dn42.us>
Reviewed-by: <p0tat05@noreply.dn42.us>
commit 60f78449dd53a1099d7cd167f78cb2be97c476cf Author: LACERTAE <lacertae40@gmail.com>
this is the commit hash:
kevin@intel:~/dn42/registry$ git log commit a1ee32c10e553b34c4543c5996c4c368b14c25c1 (HEAD -> BeeGeePee-20210528/mychange, origin/BeeGeePee-20210528/mychange) Author: kevin <kevin@intel.fritz.box> Date: Fri May 28 22:55:33 2021 +0200 adding new files changed committer email to @gmail.com
then I have to do following:
Back to dn42/registry, start a Pull Request and wait for your information to be merged.
If you’re authenticating with SSH pubkey, first run git log to see the hash of your commit, then run this command, and post the result along with your Pull Request:
echo [commit hash] | ssh-keygen -Y sign -f ~/.ssh/id_ed25519 -n dn42
Remember to replace with your commit hash and private key location:
for me:
echo a1ee32c10e553b34c4543c5996c4c368b14c25c1 | ssh-keygen -Y sign -f ~/.ssh/id_rsa.pub -n dn42 kevin@intel:~/dn42/registry$ echo a1ee32c10e553b34c4543c5996c4c368b14c25c1 | ssh-keygen -Y sign -f ~/.ssh/id_rsa.pub -n dn42 Signing data on standard input -----BEGIN SSH SIGNATURE----- U1NIU0l(hidden) xTA3jwX8= -----END SSH SIGNATURE----- kevin@intel:~/dn42/registry$
Next, wait a while, then, after merging your information, you’ve officially obtained your address block.
I then made a correction, in response to an email received:
Re: [dn42/registry] adding new files (#835) Inbox schema-checker <git@dn42.us> 11:44 PM (14 minutes ago) to me @schema-checker requested changes on this pull request. Automatic validation of your request found some errors. Please update your request to fix the errors detailed below: ERROR: fd4c:6516:94e0::_48 (route6): 'Value "fd4c:6516:94e0::_48" does not match regex "(([0-9a-f]{1,4}:){7,7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}|:(:[0-9a-f]{1,4}){1,7}|::|([0-9a-f]{1,4}:){6,6}((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|([0-9a-f]{1,4}:){1,5}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|:(:[0-9a-f]{1,4}){1,5}:((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])|::((1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9]?[0-9]|2[0-4][0-9]|25[0-5]))/([1-9]?[0-9]|1[0-1][0-9]|12[0-8])".' ---
kevin@intel:~/dn42/registry/data/route6$
Problem was the _48 for the roue6 definition, have to use /48 …see below:
nano data/route6/fd4c:6516:94e0::_48 route6: fd4c:6516:94e0::/48 descr: Peer with me at @gmail.com origin: AS4242422352 mnt-by: BEEGEEPEE-MNT source: DN42
now corrected. Then did:
kevin@intel:~/dn42/registry$ git commit [BeeGeePee-20210528/mychange 22d72dc61] corrected data/route6 (netmask format was incorrect) Committer: kevin <kevin@intel.fritz.box> Your name and email address were configured automatically based on your username and hostname. Please check that they are accurate. You can suppress this message by setting them explicitly:
git config --global user.name "Your Name" git config --global user.email you@example.com
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author 1 file changed, 2 insertions(+), 1 deletion(-) kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$ kevin@intel:~/dn42/registry$ git push -f Enumerating objects: 9, done. Counting objects: 100% (9/9), done. Delta compression using up to 4 threads Compressing objects: 100% (5/5), done. Writing objects: 100% (5/5), 447 bytes | 447.00 KiB/s, done. Total 5 (delta 4), reused 0 (delta 0) remote: remote: Visit the existing pull request: remote: https://git.dn42.dev/dn42/registry/pulls/835 remote: remote: . Processing 1 references remote: Processed 1 references in total To git.dn42.dev:dn42/registry.git a1ee32c10..22d72dc61 BeeGeePee-20210528/mychange -> BeeGeePee-20210528/mychange kevin@intel:~/dn42/registry$
Re: [dn42/registry] adding new files (#835)
Inbox
Drone CI Pipeline Account <git@dn42.us>
Fri, May 28, 11:59 PM (1 minute ago)
to me
@pipeline requested changes on this pull request.
This pull requests contains 2 commits, please squash them to a single commit.
The registry contains a helper script for doing this automatically:
$ ./squash-my-commits -S --push Use --help for options. --- View it on DN42 GIT.
kevin@intel:~/dn42/registry$ ./fmt-my-stuff BEEGEEPEE-MNT kevin@intel:~/dn42/registry$ ./check-my-stuff BEEGEEPEE-MNT [NOTE] ## Scan Started at 2021-05-29 08:26:06 CHECK data/mntner/BEEGEEPEE-MNT PASS MNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-29 08:26:09 [NOTE] ## Scan Started at 2021-05-29 08:26:09 CHECK data/person/BEEGEEPEE-DN42 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/aut-num/AS4242426834 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/mntner/BEEGEEPEE-MNT PASS MNTNERS: BEEGEEPEE-MNT [INFO] fd4c:6516:94e0::/48 CHECK data/inet6num/fd4c:6516:94e0::_48 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/route6/fd4c:6516:94e0::_48 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/inetnum/172.20.45.80_28 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/dns/beegeepee.dn42 PASS MNTNERS: BEEGEEPEE-MNT CHECK data/route/172.20.45.80_28 PASS MNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-29 08:26:10 kevin@intel:~/dn42/registry$
Had to make some modifications to the objects on request from DN42 administrator, then did:
kevin@intel:~/DATA/DN42/registry$ git add . kevin@intel:~/DATA/DN42/registry$ git commit [BeeGeePee-20210529/mychange ede7100b9] corrections as requested. 5 files changed, 3 insertions(+), 5 deletions(-) rename data/aut-num/{AS4242426834 => AS4242422352} (86%) kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$ ./squash-my-commits Rebasing local changes against the registry master From git.dn42.dev:dn42/registry * branch master -> FETCH_HEAD Current branch BeeGeePee-20210529/mychange is up to date. Squashing $count commits ... [BeeGeePee-20210529/mychange cfa0d62e1] squashed commit: 8 files changed, 59 insertions(+) create mode 100644 data/aut-num/AS4242422352 create mode 100644 data/dns/beegeepee.dn42 create mode 100644 data/inet6num/fd4c:6516:94e0::_48 create mode 100644 data/inetnum/172.20.45.80_28 create mode 100644 data/mntner/BEEGEEPEE-MNT create mode 100644 data/person/BEEGEEPEE-DN42 create mode 100644 data/route/172.20.45.80_28 create mode 100644 data/route6/fd4c:6516:94e0::_48 --- commit cfa0d62e16f970e9d89597afe41b576e37b305ae (HEAD -> BeeGeePee-20210529/mychange) Author: kevin < @gmail.com> Date: Sat May 29 16:00:33 2021 +0200
squashed commit: ede7100b9 corrections as requested. ccb67194a branch recloned and pushed --- Remember to sign your commit: ./sign-my-commit FOO-MNT and then push your changes using: git push --force
so I did:
kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT 1 local commits found, no squash is required Attempting to guess auth method from the mntner object Signing using SSH key ERROR: You must specify your SSH private key using --key kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT --key /home/kevin/.ssh/id_rsa id_rsa id_rsa.pub
kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT --key /home/kevin/.ssh/id_rsa 1 local commits found, no squash is required Attempting to guess auth method from the mntner object Signing using SSH key Signing data on standard input [BeeGeePee-20210529/mychange 5698239cc] squashed commit: Date: Sat May 29 16:00:33 2021 +0200 8 files changed, 59 insertions(+) create mode 100644 data/aut-num/AS4242422352 create mode 100644 data/dns/beegeepee.dn42 create mode 100644 data/inet6num/fd4c:6516:94e0::_48 create mode 100644 data/inetnum/172.20.45.80_28 create mode 100644 data/mntner/BEEGEEPEE-MNT create mode 100644 data/person/BEEGEEPEE-DN42 create mode 100644 data/route/172.20.45.80_28 create mode 100644 data/route6/fd4c:6516:94e0::_48 Verifying SSH signature Good "dn42" signature for BEEGEEPEE-MNT with RSA key SHA256:XfgZUCZQ0QRgmrYZ60k4WNbfzwfvqfS4WjjHJvv4ri4 Successfully verified SSH sigature Remember to push your changes using: git push --force
kevin@intel:~/DATA/DN42/registry$ git push --force Enumerating objects: 29, done. Counting objects: 100% (29/29), done. Delta compression using up to 4 threads Compressing objects: 100% (19/19), done. Writing objects: 100% (19/19), 3.42 KiB | 3.42 MiB/s, done. Total 19 (delta 14), reused 0 (delta 0) remote: remote: Visit the existing pull request: remote: https://git.dn42.dev/dn42/registry/pulls/836 remote: remote: . Processing 1 references remote: Processed 1 references in total To git.dn42.dev:dn42/registry.git + ccb67194a...5698239cc BeeGeePee-20210529/mychange -> BeeGeePee-20210529/mychange (forced update)
kevin@intel:~/DATA/DN42/registry$
I made a correction to route6, then did:
kevin@intel:~/DATA/DN42/registry$ git commit [BeeGeePee-20210529/mychange b3760c0b8] corrections to route6 1 file changed, 1 insertion(+), 1 deletion(-) kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT --key /home/kevin/.ssh/id_rsa 2 local commits found ERROR: Ensure your commits are squashed before signing Run the included script: ./squash-my-commits kevin@intel:~/DATA/DN42/registry$ ./squash-my-commits Rebasing local changes against the registry master From git.dn42.dev:dn42/registry * branch master -> FETCH_HEAD Current branch BeeGeePee-20210529/mychange is up to date. Squashing $count commits ... [BeeGeePee-20210529/mychange 983562dc3] squashed commit: 8 files changed, 59 insertions(+) create mode 100644 data/aut-num/AS4242422352 create mode 100644 data/dns/beegeepee.dn42 create mode 100644 data/inet6num/fd4c:6516:94e0::_48 create mode 100644 data/inetnum/172.20.45.80_28 create mode 100644 data/mntner/BEEGEEPEE-MNT create mode 100644 data/person/BEEGEEPEE-DN42 create mode 100644 data/route/172.20.45.80_28 create mode 100644 data/route6/fd4c:6516:94e0::_48 --- commit 983562dc3f5d6c66ee35f609477ab7eab36c6fb2 (HEAD -> BeeGeePee-20210529/mychange) Author: kevin < @gmail.com> Date: Sat May 29 16:16:31 2021 +0200
squashed commit:
b3760c0b8 corrections to route6 5698239cc squashed commit: --- Remember to sign your commit: ./sign-my-commit FOO-MNT and then push your changes using: git push --force kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT --key /home/kevin/.ssh/id_rsa 1 local commits found, no squash is required Attempting to guess auth method from the mntner object Signing using SSH key Signing data on standard input [BeeGeePee-20210529/mychange 4fd652322] squashed commit: Date: Sat May 29 16:16:31 2021 +0200 8 files changed, 59 insertions(+) create mode 100644 data/aut-num/AS4242422352 create mode 100644 data/dns/beegeepee.dn42 create mode 100644 data/inet6num/fd4c:6516:94e0::_48 create mode 100644 data/inetnum/172.20.45.80_28 create mode 100644 data/mntner/BEEGEEPEE-MNT create mode 100644 data/person/BEEGEEPEE-DN42 create mode 100644 data/route/172.20.45.80_28 create mode 100644 data/route6/fd4c:6516:94e0::_48 Verifying SSH signature Good "dn42" signature for BEEGEEPEE-MNT with RSA key SHA256:XfgZUCZQ0QRgmrYZ60k4WNbfzwfvqfS4WjjHJvv4ri4 Successfully verified SSH sigature Remember to push your changes using: git push --force
kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$ git push --force Enumerating objects: 29, done. Counting objects: 100% (29/29), done. Delta compression using up to 4 threads Compressing objects: 100% (19/19), done. Writing objects: 100% (19/19), 3.40 KiB | 3.40 MiB/s, done. Total 19 (delta 14), reused 0 (delta 0) remote: remote: Visit the existing pull request: remote: https://git.dn42.dev/dn42/registry/pulls/836 remote: remote: . Processing 1 references remote: Processed 1 references in total To git.dn42.dev:dn42/registry.git + 5698239cc...4fd652322 BeeGeePee-20210529/mychange -> BeeGeePee-20210529/mychange (forced update) kevin@intel:~/DATA/DN42/registry$ kevin@intel:~/DATA/DN42/registry$
Then made another correction, this time for dns ipv6 server address, added back to object.
then did:
git add .
git commit
and added ssh public key for kevin@intel to my git dn42 web dashboard (ie copy pasted the public key)
then did:
kevin@intel:~/DATA/DN42/registry$ ./sign-my-commit BEEGEEPEE-MNT --key /home/kevin/.ssh/id_rsa 1 local commits found, no squash is required ERROR: The last commit appears to already be signed --- commit e190e2c92b0e3affdda223ecce4a67db25c4c0c4 (HEAD -> BeeGeePee-20210529/mychange, origin/BeeGeePee-20210529/mychange) Author: kevin < @gmail.com> Date: Sat May 29 16:52:05 2021 +0200
squashed commit:
20a17d8c4 added ipv6 dns b7e5c9501 squashed commit: ### DN42 Signature ### method: ssh ### mntner: BEEGEEPEE-MNT ### text: ae55bb0d1f49e06741046ad23d5c0e0ed064534c -----BEGIN SSH SIGNATURE----- U1NY4****** (hidden) iQfZGYJbD/sek/o= -----END SSH SIGNATURE----- kevin@intel:~/DATA/DN42/registry$ git push --force Everything up-to-date kevin@intel:~/DATA/DN42/registry$
DN42 Application Approved
Final result from DN42 on Git, comment from moderator:
Good "dn42" signature for BEEGEEPEE-MNT with RSA key SHA256:XfgZUCZQ0QRgmrYZ60k4WNbfzwfvqfS4WjjHJvv4ri4 [NOTE] ## Scan Started at 2021-05-29 16:55:00 CHECKdata/mntner/BEEGEEPEE-MNT PASSMNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-29 16:55:02 [NOTE] ## Scan Started at 2021-05-29 16:55:02 CHECKdata/inetnum/172.20.45.80_28 PASSMNTNERS: BEEGEEPEE-MNT [INFO] fd4c:6516:94e0::/48 CHECKdata/inet6num/fd4c:6516:94e0::_48 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/route/172.20.45.80_28 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/aut-num/AS4242422352 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/person/BEEGEEPEE-DN42 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/dns/beegeepee.dn42 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/route6/fd4c:6516:94e0::_48 PASSMNTNERS: BEEGEEPEE-MNT CHECKdata/mntner/BEEGEEPEE-MNT PASSMNTNERS: BEEGEEPEE-MNT [NOTE] ## Scan Completed at 2021-05-29 16:55:03 [INFO] [[['@as-min', 'AS0000000001'], ['@as-max', 'AS4294967294'], ['as-block', 'AS1-AS4294967294'], ['mnt-by', 'DN42-MNT'], ['policy', 'closed']], [['@as-min', 'AS4242420000'], ['@as-max', 'AS4242423999'], ['as-block', 'AS4242420000-AS4242423999'], ['mnt-by', 'DN42-MNT'], ['policy', 'open']]] [NOTE] Policy is open for parent object POLICY BEEGEEPEE-MNTaut-num AS4242422352PASS [NOTE] beegeepee.dn42 does not currently exist POLICY BEEGEEPEE-MNTdns beegeepee.dn42PASS [INFO] Checking inetnum type [INFO] ['fd4c651694e000000000000000000000', 'fd4c651694e0ffffffffffffffffffff', '048'] [NOTE] Policy is open for parent object POLICY BEEGEEPEE-MNTinet6num fd4c:6516:94e0::/48PASS [INFO] Checking inetnum type [INFO] ['00000000000000000000ffffac142d50', '00000000000000000000ffffac142d5f', '124'] [NOTE] Policy is open for parent object POLICY BEEGEEPEE-MNTinetnum 172.20.45.80/28PASS [NOTE] BEEGEEPEE-MNT does not currently exist POLICY BEEGEEPEE-MNTmntner BEEGEEPEE-MNTPASS [NOTE] BEEGEEPEE-DN42 does not currently exist POLICY BEEGEEPEE-MNTperson BEEGEEPEE-DN42PASS [INFO] Checking route type [INFO] ['00000000000000000000ffffac142d50', '00000000000000000000ffffac142d5f', '124'] [NOTE] Policy is open for parent object POLICY BEEGEEPEE-MNTroute 172.20.45.80/28PASS [INFO] Checking route type [INFO] ['fd4c651694e000000000000000000000', 'fd4c651694e0ffffffffffffffffffff', '048'] [NOTE] Policy is open for parent object POLICY BEEGEEPEE-MNTroute6 fd4c:6516:94e0::/48PASS
p0tat05 approved these changes 1 week ago branch recloned and pushed #836 Merged p0tat05 merged 1 commits from BeeGeePee-20210529/mychange into master 1 week ago
p0tat05 approved these changes 1 week ago p0tat05 merged commit 2e3e0e9e01 into master 1 week ago p0tat05 referenced this issue from a commit 1 week ago Merge pull request 'branch recloned and pushed' (#836) from BeeGeePee-20210529/mychange into master p0tat05 deleted branch BeeGeePee-20210529/mychange 1 week ago p0tat05 removed the authentication pending label 1 week ago
With that the application is completed and we are now approved by DN42. Finito!