Building a lightweight and secure route server for BIRD

As I've written about previously, I'm a big fan of the BIRD routing daemon project. The idiomatic configuration syntax is a welcome change from the industry-standard CLI-style config, especially for someone coming from a software development background. I've written a few utilities that help with using…

ARM-64 Network Architecture

I recently wrote a post for the ARM-64.com blog, going over how we're planning to use a large layer 2 network for VM hosting. Check it out at the link here: https://arm-64.com/post/infrastructure-overview…

Anycast CDN update

One of my projects lately has been building an anycast CDN for authoritative DNS and HTTP caching. Back in August I wrote about the first deployment of the project (https://blog.natesales.net/building-an-anycast-cdn/), but it's been a few months and I've made some big changes so I figured it's…

Automating BGP - for real this time

Ever since I started an Autonomous System on the internet a few years ago, I've dealt with the monotonous task of configuring new neighbor sessions. Don't get me wrong, peering is a great thing and I always enjoy turning up new peers - but manually writing the config each time…

Developing stateful anycast architecture: SSL+HTTP/3

A few months ago I wrote about the CDN that I've been building to learn about anycast routing (link). Almost everything about the CDN has changed as I've completely rewritten the system. One of the challenges faced by the new platform is that I wanted to give HTTP a try over…

BGP Path Selection

The fundamental part of BGP is its best path selection algorithm. BGP follows a strict order of route selection: Weight, Local preference, Origin, AS path length, Origin code, MED, eBGP/iBGP, IGP metric to BGP next hop, Oldest path, Router ID, Neighbor address. Weight: Weight is an attribute specific to Cisco, and takes highest priority on their routers. Higher weight means higher…

Introduction to BGP communities

Aside from flowspec (which incidentally was the cause of last week's internet outage), BGP communities are the primary means of adding information to routes for the purpose of traffic engineering, DDoS mitigation, or anything else that you might want to signal in a network. They're really very simple in theory;…

Building an Anycast CDN for fun and profit

In simple terms, anycast is just a route with multiple next-hops. More generally it's the routing method that allows a single IP address to be routed to multiple endpoints. While seemingly basic enough, it allows for some really interesting network use cases. It's also hard to experiment with in a…