Search Results

L2TP/IPSec is a common general-purpose VPN protocol that work with most platforms. For example, computers running Windows, macOS, iPhones, and Android devices all support this type of VPN out-of-the-box. This type of VPN is a little bit oldschool, in that it i...

NYC Mesh maintains some common VPN infrastructure for use by active mesh members. Please feel free to use the VPNs. However, please note that NYC Mesh is not a commercial VPN provider or reseller, nor are we trying to achieve an Internet-based darknet. The VP...

WireGuard is a new, simple, and fast VPN implementation and protocol. For comparison, the older L2TP/IPsec VPNs typically will achieve about 100Mbps, but WireGuard VPNs may reach speeds upward of 300-400Mbps on the same hardware, or higher on a high-end workst...

WireGuard is generally described on another page, here: VPN - Wireguard. This page is about what is needed to configure WireGuard for routing over the VPN; especially with a focus on OSPF. A Note on Cryptokey Routing It's worth a section to touch on the crypto...

In a decentralized organization like the Mesh, it is difficult for new people to figure out who does what. Basically we work on a system of trust. As we get to know new people we trust that they will do the right thing, and we gradually share access to locatio...

Our basic plan is to create hubs and supernodes across the city so it is easy for any building to connect to our network. We think this will take about 50 tall buildings spread across all neighborhoods. We currently only have 3 supernodes and about 5 major hub...

A common misconception about the mesh is that we are an "Internet Service Provider", strictly speaking. While we provide an alternative connection to the Internet and thus serve as an alternative to the big NYC ISPs, we are first and foremost a community that ...

This guide is intended to outline the workflow and processes that need to occur for a new member to join the mesh. This follows a member from their initial contact through to them successfully being connected to the mesh. This information is likely subject to...

Security The goal of this document is to provide the most useful information for anyone interested in the security of the network. If there is missing information that would help understand and improve our network, please reach out to contact@nycmesh.net or j...

This page intends to list the services "hosted" on NYC Mesh and available directly to NYC Mesh members. Some may be available only to NYC Mesh members while some may as well be available from the Internet via a Public IP address (or through Public DNS) They ar...

We have been moving towards MikroTik OmniTik as our mesh device. Before using a NanoStation, you should check with us that you are in range of another NanoStation. Some use the NanoStation when they are out of range of the mesh network using the built-in tinc ...

If you're looking for help troubleshooting your mesh connection, you want the Member Connection Troubleshooting Guide. This guide is intended for older hardware with custom mesh software that we no longer use. It is not applicable to the RouterOS software tha...

Zabbix lives at http://zabbix.mesh.nycmesh.net Zabbix is used primarily for historical data collection and Slack. There are a handful of dashboards configured for a few devices, but for the most part, the rest of its configuration is unused. Data Collection ...

For more in depth access to MeshDB's datebase, you can use the SQL Explorer tool to perform complex queries and operations on the the MeshDB dataset. The tool is read-only, however queries can be stored for later use by yourself or others. Try it out at htt...

We run multiple instances of MeshDB. This is so that we can do development and testing, gate our changes, and ensure the quality of the code and configurations we ship. Find our infrastructure at nycmeshnet/k8s-infra Production (prod1/prod2) https://db.nycm...

MeshDB has a maintenance mode. It prevents all access to the site, UI, and API while active. To enable it, run `manage.py enable_flag MAINTENANCE_MODE` or POST to the `/maintenance/enable/` route To disable it, run `manage.py disable_flag MAINTENANCE_MODE` o...

We use Datadog to monitor MeshDB. Dashboard https://p.us5.datadoghq.com/sb/4614e554-06a1-11ef-b43a-da7ad0900005-ba514715f9683f103794ee705df1db95 APM & Tracing Presently, MeshDB is instrumented at the deployment level with Single Step APM. Meshforms i...