Building a lightweight and secure route server for BIRD

As I've written about previously, I'm a big fan of the BIRD routing daemon project. The idiomatic configuration syntax is a welcome change from the industry standard CLI style config, especially as someone coming from a software development background is concerned. I've written a few utilities that help with using…

Fosshost+aarch64 Network Architecture

The network architecture planned for the Fosshost aarch64 deployment is a little different from a conventional "cloud" virtualization system: we have very little layer 3 infrastructure. Instead, the network relies on a large layer 2 domain. Each server acts as both a hypervisor and router, and operates independently of the…

Anycast CDN update

One of my projects lately has been building an anycast CDN for authoritative DNS and HTTP caching. Back in August I wrote about the first deployment of the project (https://blog.natesales.net/building-an-anycast-cdn/), but it's been a few months and I've made some big changes so I figured it's…

Introduction to BGP communities

Aside from flowspec (Which incidentally was the cause of last week's internet outage), BGP communities are the primary means of adding information to routes for the purpose of traffic engineering, DDoS mitigation, or anything else that you might want to signal in a network. They're really very simple in theory;…