We are excited to literally announce our own Autonomous System :)
One week ago we started announcing AS 208323. On the same day we migrated our main Tor server to it. Here are some of the factors that motivated us to apply for our own ASN:
Bandwidth: Having your own Autonomous System Number is one of the technical requirements to join Community-IX. Community-IX provides non-profit organizations that meet their requirements with free IP transit capacity.
Routing Security: Running our own BGP routers allows us to define our own policies and RPKI based Route Origin Validation has been part of our AS from the very first second it went online.
Redundancy: Until we moved into our own ASN we had only a single fiber connecting us to the world which basically never was a real issue but now we got two which allows us to keep running even when our upstream needs to do maintainance.
Abuse Management. Due to our limited Tor exit policy we never had much abuse emails but running our own AS gives us the freedom to choose a more open Tor exit policy in the future should we want to.
Anycast. Having our own ASN will come handy should we ever run our DNS privacy resolvers in multiple Anycast locations, which is not something we can do currently due to the additional required IP prefixes but having that option in the future is nice.
From a technical point of view we run BIRD 2 and Routinator 3000, but we are not entirely happy with the setup since BIRD on BSD apparently has some limitations (no support for privilege dropping, worse syncing with kernel table, no ECMP) so we might change OS or BGP daemon in the future.
Our ASN shows up on the Tor network top 10 ASNs already:
In the next few weeks we will deploy a RIPE Atlas probe and we are planning to join the MANRS initiative.
Thank you to everyone who made this possible!