Archive for the ‘networking’ Category

Background At home I have a bunch of SSH tunnels from a VM to my various virtual private servers in various places around the world, so I can direct my web traffic through those exit points when needed. I’ve written before about using autossh to do this. But when I’m travelling I don’t have my […]


This isn’t a new thing. I’ve even written about it before. But it seems to be coming up in a LOT of conversations at the moment. The price that cloud providers charge for egress from their networks to the Internet is staggeringly high. Or as Bryan Cantrill put it in a recent episode of his […]


I like to have permanent SSH connections from (a VM on) my home network to the various virtual private servers (VPSs) that I have scattered around the globe as these give me SOCKS proxies that I can use to make my web traffic appear from the US or the Netherlands or wherever (as mentioned in […]


Why? Everything you access on the Internet starts with a Domain Name System (DNS) query to turn a name like google.com into an IP address like 216.58.218.14. Typically the DNS server that provides that answer is run by your Internet Service Provider (ISP) but you might also use alternative DNS servers like Google (8.8.8.8). Either way […]


Using 1.1.1.1

02Apr18

TL;DR One of the best features of Cloudflare’s new 1.1.1.1 DNS service is the privacy provided by DNS over TLS, but some setup is required to make use of it. I put Unbound onto the OpenWRT routers I use as DNS servers for my home network so that I could use it. Background Yesterday Cloudflare […]


TL;DR The WiFi coverage in my house wasn’t as good as I’d like it to be, and I’ve heard lots of good stuff about Ubiquiti UniFi gear, so I’ve installed one of their Lite Access Points, and it seems to be working well. Background I first came across Ubiquiti kit as part of the bizarre […]


TL;DR I need local DNS for various home lab things, but the Windows VMs I’ve been using can be slow and unreliable after a power outage (which happens too frequently). Moving to BIND turned out to be much easier than I feared, and I chose OpenWRT devices to run it on as I wanted reliable […]


TL;DR I thought I could put Squid in front of an SSH tunnel, but it can’t do that. Thankfully Polipo can do the trick. Why? I was quite happy when it was just spies that were allowed to spy on me (even if they might have been breaking the law by doing so), but I […]


Late last year AWS launched Private DNS within Amazon VPC as part of their Route 53 service. This allows customers to create DNS entries that are only visible within a VPC (or group of VPCs). It’s also possible to have ‘split horizon’ DNS where servers inside a VPC get different answers to the same queries versus users […]


All of the major cloud providers now offer some means by which it’s possible to connect to them directly, meaning not over the Internet. This is generally positioned as helping with the following concerns: Bandwidth – getting a guaranteed chunk of bandwidth to the cloud and applications in it. Latency – having an explicit maximum […]