I'm starting to provide Chinese / English versions of some articles, switch with the Language menu above. 我开始提供部分文章的中文、英文翻译,请使用顶部语言菜单切换。

DN42 Experimental Network: Intro and Registration (Updated 2021-05-02)

DN42, aka Decentralized Network 42, is a large, decentralized VPN-based network. But unlike other traditional VPNs, DN42 itself doesn't provide any VPN exits, which means it doesn't allow you to bypass Internet censorships or unlock streaming services. On the contrary, the goal of DN42 is to simulate another Internet. It uses much of the technology running on modern Internet backbones (BGP,...

Setting up DN42 WHOIS Server with nginx

In my previous article "Setting up Gopher Site with nginx", I mentioned that the Gopher service is a byproduct of my original plan: modifying nginx into a WHOIS server for DN42. This article will explore into details of that process.The WHOIS Protocol ¶First, we can find a WHOIS server to observe its response. Choose the WHOIS server for .pub domain for example, and run telnet whois.nic.pub 43:...

Setting up Gopher Site with nginx

Changelog ¶2021-03-24: Improve article processing, add scripts for parsing links and images.2021-03-21: Initial version.What's Gopher ¶Gopher is a protocol born in the early ages of Internet. It was invented at University of Minnesota on 1991, with a purpose similar to HTTP today. The protocol itself is extremely simple:Client connects to TCP port 70 of server,...

Make an Infinite Sleep Program in Only 4KB

In my network configuration, some of my Docker containers, for example DNS, need to achieve high availability with Anycast. In my previous article, I created a Busybox container and run tail -f /dev/null, in order to let it persist infinitely, but without using any CPU cycles, to maintain a network namespace used by both the server application and BIRD.In short:...

Static Build Tiny Docker Images

What's stored in Docker images can be seen as numerous tiny Linux systems. Most of them are based on Debian, Ubuntu or Alpine, with extra software installed on top.Using a complete Linux distribution as the basis gives the benefit of having commonly used commands available, such as ls and cat. They are often used in the image building process. In addition,...

Writing Essays in Traceroute, Elegantly

Traceroute is one of the popular tools for network inspection. It shows the IP addresses of routers on the route from your computer to a destination server, similar to:Domains are shown on the last 2 hops, which is the IP's reverse DNS record. Reverse DNS records exist as PTR records in the format of 4.3.2.1.in-addr.arpa. For more information,...

Planning Ahead: Using Post-Quantum Cryptography

On the modern Internet, most websites already support HTTPS. The SSL/TLS encryption protocol will encrypt user's request and the website's response, so that malicious users along the way cannot steal or tamper with the information. One important component of SSL/TLS protocol is asymmetric cryptographic algorithms. For these algorithms, the key is separated into a public key and a private key,...

Selfhosting a DNS Root Server

With the scale of conflict between China and the United States increasing, on some social media websites in China, some users started expressing concerns on United States cutting China's access to DNS root servers, or removing China's domains in the root servers, in order to break China's Internet.By now, there are many analysis on the matter that states that this is unlikely to happen....

How to Kill the DN42 Network (Updated 2020-08-28)

DN42 is an experimental network, where everyone helps everyone. Nobody is going to blame you if you screwed up. You may seek help at DN42's IRC channel, mailing list or the unofficial Telegram group.Since DN42 is a network for experimentation, a lot of relatively inexperienced users also participate in it. Therefore,...