rene/PeerCortex
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
PeerCortex/CHANGELOG.md
Rene Fichtmueller f0fe8125e0 docs: Update CHANGELOG for Features 2 and 3 
- Add PDF Report Export (Feature 2): Playwright-based PDF generation with multi-format support
- Add ASPA Adoption Tracker (Feature 3): Daily sampling, regional analysis, 6-month forecasting
- Update test coverage notes: 215 tests total across all features (80%+ per module)
- Document API endpoints for all 3 features
- Note zero external API costs across all features

v0.7.0 complete: 3 major features, 215 tests, PostgreSQL backend, production-ready
2026-04-29 07:47:48 +02:00

14 KiB
Raw Permalink Blame History

PeerCortex Changelog

All notable changes to PeerCortex are documented here.

v0.7.0 — 2026-04-29

Added

  • BGP Hijack Alerting + Webhooks (Feature 1) — Real-time detection and alerting for BGP hijacks, MOAS events, and prefix leaks with persistent storage and webhook delivery.

    • Deterministic Classification: Code-based logic classifies hijack type (MOAS/HIJACK/LEAK) and severity (CRITICAL/HIGH/MEDIUM/LOW) based on ASN origin analysis and prefix length.
    • Optional Ollama Enrichment: For CRITICAL severity hijacks, optional local qwen2.5:3b model enriches alert description with impact assessment (5s timeout, graceful fallback).
    • PostgreSQL Backend: Three core tables (hijack_events, webhook_subscriptions, webhook_deliveries) with proper indexing and deduplication (6-hour window per ASN:prefix).
    • Webhook Delivery: HMAC-SHA256 signed POST delivery with exponential backoff retry (1s → 2s → 4s → 8s → 16s), configurable timeout per subscription.
    • Retry Scheduler: node-cron job polls failed deliveries every 5 minutes, auto-retries with configurable max attempts.
    • API Endpoints: POST /api/webhooks (register), GET /api/webhooks (list), DELETE /api/webhooks/{id} (unregister), POST /api/webhooks/{id}/test (test delivery), GET /api/hijacks (list events), POST /api/hijacks/{id}/resolve (mark resolved).

  • PDF Report Export (Feature 2) — On-demand, server-side PDF generation for comprehensive network analysis reports with intelligent caching and performance optimization.

    • Multiple Formats: Report (2025 pages, full analysis), Executive (35 pages, C-level summary), Technical (1015 pages, engineer deep-dive).
    • Playwright Integration: Chrome-based PDF rendering via Playwright with 30s timeout, reusable browser instance, and automatic restart on lifetime exceeded (1h max).
    • Smart Caching: 5-minute in-memory TTL cache with SHA256 deduplication, database persistence, and automatic cleanup of expired records.
    • Template Engine: Dynamic HTML templates with variable substitution (simple fields, nested objects, arrays with {{#each}} loops).
    • Memory Management: Chromium process monitoring, automatic restart if memory exceeds 500MB, per-PDF instance tracking.
    • API Endpoints: GET /api/export/pdf?asn=13335&format=report|executive|technical (stream PDF), GET /api/export/pdf/stats (cache + DB statistics).

  • ASPA Adoption Tracker (Feature 3) — Global adoption trend tracking with daily sampling, regional breakdowns, IXP analysis, and 6-month forecasting.

    • Daily Sampler: Stratified random sampling of 5001000 ASNs weighted by region and prefix count, deterministic rotation per day.
    • ASPA Collector: Rate-limited parallel fetching (5s timeout per ASN), caches results 24h, tracks provider verification percentage.
    • Aggregator: Groups by region (Africa, APAC, Europe, LatAm, NorthAm, Oceania) and IXP, calculates coverage percentages.
    • Forecaster: Linear regression with 90-day lookback, predicts 6-month adoption, confidence interval (0.01.0).
    • Scheduled Job: Runs daily at 2 AM UTC via node-cron, stores results in PostgreSQL with deduplication.
    • Public Dashboard: /aspa-adoption page with coverage gauge, 30-day trend line, regional heatmap, top adopters, IXP rankings, forecast box, export buttons (CSV/JSON).
    • API Endpoints: GET /api/aspa-adoption-stats?period=7d|30d|1y&region=Global|Europe|NA|APAC (trend data), GET /api/aspa-adoption-stats/regional (by region), GET /api/aspa-adoption-stats/ixps?top=20 (IXP rankings), GET /api/aspa-adoption-stats/export?format=csv|json&period=30d (for blog articles).

Fixed

  • SQL JOIN column aliasing: Resolved duplicate column names in multi-table JOINs using explicit prefixes (ws_/he_/wd_) and dynamic key lookup pattern for type-safe mapping.
  • Fetch mock AbortSignal support: Added proper AbortSignal listener support in test mocks to correctly simulate timeout behavior with AbortController.

Technical

  • Test Coverage: 215 total tests across all features (22 Hijack + 74 PDF + 67 ASPA + 52 integration tests). Coverage: 80%+ per feature module. All tests passing.
  • Zero External API Costs: Classification and enrichment entirely local — deterministic code + optional Ollama (Feature 1). PDF generation with local Playwright (Feature 2). ASPA data from existing RIPE Stat integration (Feature 3).
  • API Server Integration: All 3 routes registered at /api/* with Fastify, health check endpoint (/health), root info endpoint.
  • PostgreSQL Migrations: Three migration files (001-hijack-alerts.sql, 002-pdf-reports.sql, 003-aspa-adoption.sql) with proper indexing and constraints.

v0.6.9 — 2026-04-05

Added

  • Resilience Score: Weighted 4-factor score (110) per ASN — Transit Diversity (30%), Peering Breadth (25%), IXP Presence (20%), Path Redundancy (25%). Hard cap at 5.0 when only a single transit provider is detected. Shows a large score digit plus four colour-coded progress bars in the UI.
  • Route Leak Detection: Heuristic analysis using RIPE Stat neighbour data. Detects two patterns: sandwich candidates (Tier-1 appearing as both upstream and downstream) and Tier-1 as downstream (unusual re-origination). Reference set: 21 known Tier-1 ASNs. Confidence: medium — pattern-based, not real-time.
  • Data Provenance System: Every API response field carries _provenance metadata — source, validation method (cross-validated / heuristic / computed / single-source), confidence (high / medium / experimental), and an optional note. Shown in the UI as coloured badges next to each card title.
  • MCP Server (mcp-server.js): PeerCortex as MCP tools for Claude Desktop and Claude Code — lookup_asn, compare_networks, get_health_report, search_network, get_resilience_score.
  • Rotating Daily Audit: 100 ASNs tested daily, deterministically rotated via SHA256 date seed. Math checks (prefix sums, RPKI sums, IX dedup) + external cross-validation against RIPE Stat and PeeringDB.
  • Daily Audit Email: HTML report with all tested ASNs, cross-validation columns and critical/warning/ok/skip counts, sent daily at 06:00 UTC.

Fixed

  • ASN name fallback: ASNs with no RIPE Stat holder or RDAP data now resolve name and country from bgp.he.net page title and country href — eliminates Unknown name entries for unassigned blocks and micro-ISPs.

v0.6.8 — 2026-04-03

Fixed

  • Name fallback via bgp.he.net title: ASNs without a PeeringDB entry and no RIPE Stat holder now extract their name from bgp.he.net page title (e.g. LLHOST INC. SRL, RIPE NCC ASN block).
  • Country code fallback via bgp.he.net: ASNs with no country in rir-stats-country now derive their 2-letter country code from bgp.he.net href (e.g. /country/RO, /country/GB).

Infrastructure

  • Daily automated audit introduced: 103 ASNs validated every 24h.

v0.6.6 — 2026-04-02

Added

  • Route Server (RS) column in IX table: Every IX connection now shows whether the network participates in that IXP's route server, directly in the IX Presence table.
  • Contacts & Registration card: Shows Points of Contact (name, role, email) from PeeringDB along with registration date, last-modified, and RIR handle from RDAP. Named individuals with public emails are flagged as potential B2B leads.
  • Data Sources Timing Panel: New card showing the response time of every API source queried during the lookup — with colour-coded bars (green < 500 ms, orange < 2 s, red = slow/failed).
  • Raw JSON Export: Added "⬇ Raw JSON" link in the network overview. Downloads the full lookup result as a formatted JSON file.
  • HQ City in overview: The network's registered city (from PeeringDB) now appears next to the country flag in the network overview header.

v0.6.5 — 2026-04-02

Added

  • Name search with autocomplete: Type any network or organization name in the search bar to get live suggestions. Results are sourced from both RIPE Stat and PeeringDB — covering thousands of registered networks worldwide. Use arrow keys to navigate, Enter or click to select.

v0.6.4 — 2026-04-02

Fixed

  • IRR Audit: Switched data source to NLNOG IRR Explorer, which covers all major IRR databases (RIPE, ARIN, APNIC, RPKI-to-IRR). Now shows a per-prefix breakdown with IRR source, RPKI validation status, and an overall assessment badge. Previously showed 0% for correctly registered ASNs.
  • Service reliability: Improved automatic recovery from unexpected process crashes — all services now restart automatically without manual intervention.

v0.6.3 — 2026-04-02

Added

  • Tooltips on all cards: Hover over any section header to see a plain-language explanation of what data it shows and where it comes from.

v0.6.2 — 2026-04-01

Fixed

  • AS-PATH Visualizer: Now shows real BGP path data via RIPE RIS looking-glass. Previously showed no data due to an unavailable data endpoint.
  • Routing History: Replaced broken endpoint with RIPE Stat routing-history — shows a prefix table with first/last seen dates for all announced prefixes.
  • IXP Member List: Replaced single-IX display with a full IXP picker. All IXPs where the AS is a member appear as buttons; click any to load its member list. Previously only showed one IXP.
  • Sources of Trust card: Moved to the end of the dashboard as intended.

v0.6.1 — 2026-04-01

Fixed

  • New feature cards (BGP Community Decoder, IRR Audit, Routing History, AS-PATH Visualizer, Looking Glass, Hijack Monitor, IXP Member List) now load automatically after every ASN lookup.
  • Feedback terminal redesigned to match the PeerCortex editorial style — no more green-on-black terminal aesthetic.
  • Share button replaced with icon-only dropdown (X/Twitter, LinkedIn, Facebook, Copy Link).
  • Button overlap in bottom-right corner resolved.

v0.6.0 — 2026-04-01

Added

  • BGP Community Decoder — Decodes BGP community values with a built-in database covering RFC-standard, major transit carriers, and IXP communities.
  • IRR Audit — Compares IRR route objects against actual BGP announcements, shows coverage percentage and per-prefix status.
  • AS-SET Expander — Recursively expands AS-SETs (up to 4 levels), lists all member ASNs.
  • Routing History — Shows prefix announcement history over the past 90 days.
  • AS-PATH Visualizer — Visual hop-by-hop AS path diagram from multiple vantage points, origin AS highlighted.
  • Looking Glass — RIPE RIS looking glass for arbitrary prefixes, aggregates paths from up to 15 route collectors.
  • BGP Hijack Monitor — Subscribe any ASN for prefix monitoring; checks every 30 minutes and stores alerts.
  • IXP Member List — Loads PeeringDB member list for any IXP where the queried ASN is present.
  • Share Link — One-click copy of a direct link to any ASN lookup; URL parameter auto-triggers lookup on page load.
  • Dark Mode — Toggle between light and dark theme, preference saved across sessions.
  • Changelog page — Full version history accessible via the navigation bar.
  • Unique visitor counter — Displays privacy-safe UV count in the footer (IP hashing, no raw addresses stored).
  • Feedback form — Submit feedback directly from the dashboard; responses delivered by email.

v0.5.0 — 2026-03-26

Added

  • RPKI-based ASPA detection via Cloudflare RPKI JSON feed — 1,500+ ASPA objects, refreshed every 10 minutes.
  • RFC-compliant ASPA path verification (draft-ietf-sidrops-aspa-verification-14) — upstream/downstream verification, valley detection, AS_SET flagging, per-hop status.
  • ASPA Readiness Score (0100) across four dimensions: ROA coverage, ASPA object presence, provider match completeness, path validation rate.
  • Provider Audit — compares RPKI-declared providers vs BGP-detected providers, highlights gaps.
  • Network Health Report — 13 automated checks with traffic-light scoring (Bogon, RPKI ROA, Blocklist, IRR, MANRS, BGP Visibility, Reverse DNS, Abuse Contact, Resource Cert, IX Route Servers, BGP Communities, Geolocation, IRR Object).
  • RIPE Atlas probe integration — total probes, connected/disconnected counts, anchors per ASN.
  • bgproutes.io integration — 3,000+ vantage points, RIB queries, ROV and ASPA status.
  • Network Compare — side-by-side comparison of two ASNs (common IXPs, shared upstreams, overlapping facilities).
  • Recent Lookups with quick-click history badges.

Fixed

  • ASPA objects not detected — switched from broken RIPE DB remarks search to Cloudflare RPKI JSON feed.
  • Various frontend rendering bugs.

v0.4.0 — 2026-03-25

Added

  • Initial public release.
  • ASN lookup dashboard with PeeringDB, RIPE Stat, RIPE Atlas, bgproutes.io, and Cloudflare RPKI integration.
  • Per-prefix RPKI validation.
  • AS neighbour resolution with names.
  • IX presence, facilities, and peering policy display.
  • Network Compare tool.
  • Live at peercortex.org.

Data Sources

Source Usage
PeeringDB Network profiles, IX connections, facilities, peering policy
RIPE Stat Prefixes, neighbours, routing history, looking glass, abuse contacts
RIPE Atlas Probe and anchor detection per ASN
bgproutes.io Vantage point data, RIB queries, ROV/ASPA status
Cloudflare RPKI ASPA objects, ROA validation
NLNOG IRR Explorer IRR registration across all major databases
RIPE DB WHOIS data, IRR objects, AS-SET expansion