Archive for the ‘networking’ Category

Why? Everything you access on the Internet starts with a Domain Name System (DNS) query to turn a name like google.com into an IP address like 216.58.218.14. Typically the DNS server that provides that answer is run by your Internet Service Provider (ISP) but you might also use alternative DNS servers like Google (8.8.8.8). Either way […]


Using 1.1.1.1

02Apr18

TL;DR One of the best features of Cloudflare’s new 1.1.1.1 DNS service is the privacy provided by DNS over TLS, but some setup is required to make use of it. I put Unbound onto the OpenWRT routers I use as DNS servers for my home network so that I could use it. Background Yesterday Cloudflare […]


TL;DR The WiFi coverage in my house wasn’t as good as I’d like it to be, and I’ve heard lots of good stuff about Ubiquiti UniFi gear, so I’ve installed one of their Lite Access Points, and it seems to be working well. Background I first came across Ubiquiti kit as part of the bizarre […]


TL;DR I need local DNS for various home lab things, but the Windows VMs I’ve been using can be slow and unreliable after a power outage (which happens too frequently). Moving to BIND turned out to be much easier than I feared, and I chose OpenWRT devices to run it on as I wanted reliable […]


TL;DR I thought I could put Squid in front of an SSH tunnel, but it can’t do that. Thankfully Polipo can do the trick. Why? I was quite happy when it was just spies that were allowed to spy on me (even if they might have been breaking the law by doing so), but I […]


Late last year AWS launched Private DNS within Amazon VPC as part of their Route 53 service. This allows customers to create DNS entries that are only visible within a VPC (or group of VPCs). It’s also possible to have ‘split horizon’ DNS where servers inside a VPC get different answers to the same queries versus users […]


All of the major cloud providers now offer some means by which it’s possible to connect to them directly, meaning not over the Internet. This is generally positioned as helping with the following concerns: Bandwidth – getting a guaranteed chunk of bandwidth to the cloud and applications in it. Latency – having an explicit maximum […]


Yesterday I delivered a tutorial as part of the Open Network Users Group (ONUG) Academy: To go through the tutorial yourself you’ll need an AWS account and an SSH client (and the Internet access and browser you’re using to read this). To complement the slides there’s a wiki on GitHub with all of the relevant command […]


At last week’s Ignite conference Microsoft announced a set of new networking capabilities for its Azure cloud described as being ‘for a consistent, connected and hybrid cloud’. The new capabilities include improvements to ExpressRoute, Azure’s Internet bypass offering, availability of ExpressRoute for SaaS offerings such as Office 365 and Skype for Business, additional VPN capabilities […]


NAT in the hat

06Apr15

TL;DR Whilst on vacation in Spain I’ve found networks that seem to be like something out of a Cory Doctorow novel – domestic WiFi routers hanging off domestic WiFi routers hanging off domestic WiFi routers. At first I thought it was my Airbnb host being cheap and having a cosy arrangement with a neighbour to […]