I'm starting to provide Chinese / English versions of some articles, switch with the Language menu above. 我开始提供部分文章的中文、英文翻译,请使用顶部语言菜单切换。

Make an Infinite Sleep Program in Only 4KB

In my network configuration, some of my Docker containers, for example DNS, need to achieve high availability with Anycast. In my previous article, I created a Busybox container and run tail -f /dev/null, in order to let it persist infinitely, but without using any CPU cycles, to maintain a network namespace used by both the server application and BIRD. In short:...

Static Build Tiny Docker Images

What's stored in Docker images can be seen as numerous tiny Linux systems. Most of them are based on Debian, Ubuntu or Alpine, with extra software installed on top. Using a complete Linux distribution as the basis gives the benefit of having commonly used commands available, such as ls and cat. They are often used in the image building process. In addition,...

DN42 Experimental Network: Intro and Registration (Updated 2020-10-01)

DN42, aka Decentralized Network 42, is a large, decentralized VPN-based network. But unlike other traditional VPNs, DN42 itself doesn't provide any VPN exits, which means it doesn't allow you to bypass Internet censorships or unlock streaming services. On the contrary, the goal of DN42 is to simulate another Internet. It uses much of the technology running on modern Internet backbones (BGP,...

Planning Ahead: Using Post-Quantum Cryptography

On the modern Internet, most websites already support HTTPS. The SSL/TLS encryption protocol will encrypt user's request and the website's response, so that malicious users along the way cannot steal or tamper with the information. One important component of SSL/TLS protocol is asymmetric cryptographic algorithms. For these algorithms, the key is separated into a public key and a private key,...

Selfhosting a DNS Root Server

With the scale of conflict between China and the United States increasing, on some social media websites in China, some users started expressing concerns on United States cutting China's access to DNS root servers, or removing China's domains in the root servers, in order to break China's Internet. By now, there are many analysis on the matter that states that this is unlikely to happen....

How to Kill the DN42 Network (Updated 2020-08-28)

DN42 is an experimental network, where everyone helps everyone. Nobody is going to blame you if you screwed up. You may seek help at DN42's IRC channel, mailing list or the unofficial Telegram group. Since DN42 is a network for experimentation, a lot of relatively inexperienced users also participate in it. Therefore,...

An Elegant "Scripture of Safety" Generator

This article is about a meme in China that may require some cultural background to understand. Since the content is related to the specific language used, there are minor differences between the Chinese and English versions. What's "Scripture of Safety"?¶ The Scripture of Safety (平安经) is a book written by He Dian, the (now former) official of Jilin Public Security Department, China....

x32 ABI and Docker Containers

History of x86 & x86_64, and x32 ABI¶ Most of the personal computers and servers we use nowadays use the x86_64 architecture, whose specification was released by AMD in 2000, and the first processor released in 2003. Since x86_64 is a 64-bit architecture, in x86_64 each register in the CPU can hold 64 bits of data (or 8 bytes). Before x86_64 went popular,...

Writing a Simple Telegram Bot

Based on the requests of DN42 Telegram Group members, I plan to add Telegram Bot support to my Bird Looking Glass, so it is easier for them to look up whois information, testing networks and finding sources of route leaks. The bot is supposed to recognize commands starting with /, and respond to the message. My Looking Glass is written in Go,...