Clement CavadoreJan 19
OK... 😅
#PushDaStuff
Łukasz Bromirski Jan 11, 2025
Annual reminder: I'm running various free projects for networking community - BGP feeds with bogons, FlowSpec, geo information for country filtering, full IPv4/IPv6 global table, RPKI RSes and AS112 sinkholes. All documented here: https://lukasz.bromirski.net/projects/ #bgp #as112 #anycast #freebsd #iosxr #xrv9000 #pushdastuff
projects

below you can see some of the community projects I created/actively maintaining: AS 112 - world wide project to sinkhole RFC 1918 DNS traffic locally within countries/geos and avoid slamming DNS root servers; I’m maintaining three AS112 servers in different parts of Poland BGP Blackholing - open BGP route server project, that provides “bogons” feed via dynamic BGP peering BGP Full Feed - open BGP route server that provides full DFZ view of IPv4/IPv6 BGP table

lukasz.bromirski.net
Łukasz Bromirski Aug 9, 2023
Doing geoblocking is generally doing 'security by building false sense of it'. However, sometimes somebody forces you to do it anyway. If you know what you're doing, take a look here - any feedback on this is great! https://lukasz.bromirski.net/bgp-geo-blackholing/ #bgp #geoblocking #iosxr #pushdastuff
BGP Geo-Blackholing project

what it’s all about? in the internet, not all IPv4 and IPv6 prefixes will be sources or destinations of traffic you’d like to have anything common with. some of them will be used or controlled by bad actors that can try to compromise your network (you have been likely selected at random, do not flatter yourself) or other evil goals. why would you like to receive that traffic? or send traffic towards them?

lukasz.bromirski.net
Łukasz Bromirski Aug 2, 2023
If You want to experiment with BGP FlowSpec on your router, there's alpha version of my BGP Blackholing FlowSpec server at 85.232.240.180 & 2001:1a68:2c:2::180. You'll get 1345 IPv4 FlowSpec AF prefixes and 45 in IPv6 FlowSpec AF. The rest of configuration is the same as in main project: https://lukasz.bromirski.net/bgp-blackholing/ Please ping me directly and share your feedback (with your platform details if possible - thanks!) #iosxr #pushdastuff #bgp #blackholing
BGP Blackholing PL project

what it’s all about? in the internet, not all IPv4 and IPv6 prefixes will be sources or destinations of traffic you’d like to have anything common with. some of them will be used or controlled by bad actors that can try to compromise your network (you have been likely selected at random, do not flatter yourself) or other evil goals. why would you like to receive that traffic? or send traffic towards them?

lukasz.bromirski.net
Łukasz Bromirski Jul 30, 2023
You *may* have noticed small disturbance of the force with regards to BGP Full Feed and BGP Blackholing projects. That's because over last two nights I migrated all infra to... this ;) #iosxr #xrv9000 #pushdastuff
Łukasz Bromirski Jul 30, 2023
Logging to IOS XR using SSH keys - 7.0+ edition howto: lukasz.bromirski.net/post/ios-xr-au… #iosxr #ssh #openssh #hardening #security #pushdastuff