December 27, 2025
From homelab to home‑ISP
Building a Multi- Site Kubernetes Cluster with BGP Anycast
Homelabber turns apartment into mini‑internet; commenters split between “genius” and “why”
TLDR: A hobbyist built a four‑country home‑ISP with his own network ID, making big carriers route traffic to his apartment. Comments split between applause for the epic learning flex and warnings it’s risky overkill, fueling home‑ISP memes and debates over DIY resilience versus just paying a cloud provider.
One restless tinkerer took a calm, single‑site setup and cranked it to 11: a four‑country, multi‑site cluster that makes big‑league carriers route traffic right to his apartment. He grabbed his own network “license plate” (an Autonomous System Number), ran BGP (the internet’s map‑sharing system), used anycast to send people to the closest entry point, and orchestrated apps with Kubernetes. The comments lit up. Fans called it “home‑ISP energy” and “art”, with network pros bowing to the ambition. Skeptics rolled their eyes: “All this instead of clicking Cloudflare?” and “DR excuse, resume project in disguise.”
Drama hit fast: “You’re one typo from chaos” warned the cautious, citing infamous routing mishaps. Supporters countered that he enabled extra route checks (RPKI) and monitoring, but critics still fretted about hobbyists adding noise to the global map. The biggest flame war? Disaster Recovery vs Just Because I Can. Memes rained down: “BGP = Bring Great Pain”, “not a homelab, a home ISP,” and “anycast my toaster.” Domestic comedy popped up too: “Imagine pitching 39 sessions and 12 tunnels to your partner.” Even the pros who applauded the dual links and security checks asked for diagrams, costs, and a “please don’t break the internet” promise. Chaotic? Yes. Educational? Also yes. And very, very online.
Key Points
- •The author operates AS214304 and advertises IPv6 prefix 2a0c:9a40:8e20::/48 registered via RIPE NCC, sponsored by iFog GmbH.
- •Infrastructure spans 20 nodes across the Netherlands, Greece, Norway, and Switzerland, connected by 12 IPsec tunnels, 39 FRR BGP sessions, and 4 Cilium BGP sessions.
- •Traffic uses IPv6 anycast at the edge, IPsec-meshed transport, Cilium’s BGP for pod routing, NAT64 for IPv6-to-IPv4 ingress, and dual-stack anycast with SNI for IPv4.
- •Upstream connectivity includes dual transit from Terrahost (AS56655) and iFog (AS34927), plus peering with FogIXP route servers (AS47498) accessing 3,500+ prefixes.
- •The setup receives the full IPv6 routing table (234,000+ prefixes), applies RPKI/ROA validation, uses BGPalerter for monitoring, and successfully propagates routes through Tier 1 carriers.