The MFN Project

The allocations, firewall rules and WireGuard profiles for ProjectDeko
have been removed from the network and that address space has been
returned the pool for future use. Gateway information for their routers
has also been removed.

The team will be working on the beginning stages of project documentation
and hopefully we will have a complete visualization of the network as it
is deployed within two weeks.

I am gonna go ahead and apologize for any weird
formatting on this post, I am on mobile right now.

Just an update from the project leads at MFN, we had
our monthly meeting a few nights ago and the policy
on issuing /58s has been reviewed and expanded upon.
With proper justification and a good outline of their
projects and network at hand, members can now request
up to two /58s from us and those /58s can be divided
into two /59s each to cover parts of their homelabs
and network that may be at different end points.

Our stance on network management and security controls
are being revised. The JNE raised the point that we
should be keeping a closer eye on how our network is
used and where the majority of our traffic flows to.
Honest, as the LNE, I kind of agree. So, after a three
for three vote (the DRA was in this meeting) we will
working on revising our policies around this and
making sure all routers are giving us the relevant
information.

We also have done some network housekeeping and have
made sure all of our DNS records are up to date
and are slowly working on getting SSL certs in place
across the network for all devices. This unfortunately
wont happen over night, but it is a start towards
addressing that issue. Along with the SSL cert problem
being resolved, we are most likely going to remove
port 80 access to our website.

We also retired the old core router VM. A copy of it
has been retained offsite in case something screws up
with the new core router, but everything has been
migrated over. Was a bit nerve wracking as part of
our network did go belly up, but that was quickly
resolved and when the actual switch was thrown, we
only saw about 20ms of down time on critical services.
So glad to have that task completed and out of the
way after putting it off for a few months.

On to the Lemmy instance, it has been updated to
0.18.0 and the site icon was removed due to the
instance not restarting with the icon. We also have
placed a 100Mbps limit on the instance to keep it
from overwhelming our network or any other instances.
We are aware of the defederation issue that was
pointed out to us. I don’t know why this has happened,
but I did reach out to the other party to see what is
going on. Hopefully it is just some kind of small
issue that we can fix or something that we can better
align our instance to match what they expect. On this
topic, we are still working to figure why the email
for the instance is broken. We will still review the
applications you send in, but emails will be from
our support staff if they need to reach you directly.

The plans for the DayZ server have been scrapped. To
put it simply, none of the project leads have the time
to do the upkeep on it. We are still looking into the
plans for the Minecraft server. It is just that Marbled
Fennec Networks grew into a much larger project than
expected very quickly and there is only two of us
volunteer staff that have enough experience with the
system and project flow to keep everything working as
intended. We can’t take on more work ourselves at this
time and our other two guys are very busy with IRL
ongoings.

Hopefully in the next few weeks we can catch up on
other things that need to be worked on and get the
backlog of task knocked out.

For the time being, we have decided not to put this into action on the
network as there are bigger projects being worked on right now. We
will be sticking with the hard caps on bandwidth until a few other things
such as firmware testing and firewall rules have been finalized.

MFN volunteer staff have submitted an internal RFC that may change
the way our network is managed and functions. Currently, all of our
routers feature a hard cap of 350Mbps on their WAN interfaces. The
change proposed would put in place time based limits during the
week days and open up access on nights and weekends.

The proposal states that from 9am to 9pm EST, monday through
thursday, that our routers be limited to 250Mbps during those hours.
After 9pm, the network limits would be raised to 500Mbps shared
across the routers. On Fridays, 9am to 9pm, the limit would be the
usual 350Mbps during those hours; opening up to 500Mbps
after 9pm. Saturday and Sunday would only feature the 500Mbps
hard cap.

The RFC is only being reviewed at the moment. Even if everyone
votes yes on the RFC, end users would have to understand that
the routers still share one physical medium and that nights and
weekends would be considered unmanaged due to the
over provisioning on our network. We are currently under the amount
of users where this could be a problem, however.