In my network configuration, some of my Docker containers, for example DNS, need to achieve high availability with Anycast. In my previous article, I created a Busybox container and run tail -f /dev/null, in order to let it persist infinitely, but without using any CPU cycles, to maintain a network namespace used by both the server application and BIRD. In short:...

What's stored in Docker images can be seen as numerous tiny Linux systems. Most of them are based on Debian, Ubuntu or Alpine, with extra software installed on top. Using a complete Linux distribution as the basis gives the benefit of having commonly used commands available, such as ls and cat. They are often used in the image building process. In addition,...

DN42, aka Decentralized Network 42, is a large, decentralized VPN-based network. But unlike other traditional VPNs, DN42 itself doesn't provide any VPN exits, which means it doesn't allow you to bypass Internet censorships or unlock streaming services. On the contrary, the goal of DN42 is to simulate another Internet. It uses much of the technology running on modern Internet backbones (BGP,...

On the modern Internet, most websites already support HTTPS. The SSL/TLS encryption protocol will encrypt user's request and the website's response, so that malicious users along the way cannot steal or tamper with the information. One important component of SSL/TLS protocol is asymmetric cryptographic algorithms. For these algorithms, the key is separated into a public key and a private key,...

With the scale of conflict between China and the United States increasing, on some social media websites in China, some users started expressing concerns on United States cutting China's access to DNS root servers, or removing China's domains in the root servers, in order to break China's Internet. By now, there are many analysis on the matter that states that this is unlikely to happen....

DN42 is an experimental network, where everyone helps everyone. Nobody is going to blame you if you screwed up. You may seek help at DN42's IRC channel, mailing list or the unofficial Telegram group. Since DN42 is a network for experimentation, a lot of relatively inexperienced users also participate in it. Therefore,...

This article is about a meme in China that may require some cultural background to understand. Since the content is related to the specific language used, there are minor differences between the Chinese and English versions. What's "Scripture of Safety"?¶ The Scripture of Safety (平安经) is a book written by He Dian, the (now former) official of Jilin Public Security Department, China....

Changelog¶ 2020-10-01: Add warning to not filter private ASNs within internal network 2020-06-07: Add limitations of Bird confederation, and a way to simulate confederation 2020-05-17: Initial version Comparison of BGP Interconnection Schemes within an ISP¶ Most ISPs, or Internet Service Providers, use BGP protocol to exchange their route information....

History of x86 & x86_64, and x32 ABI¶ Most of the personal computers and servers we use nowadays use the x86_64 architecture, whose specification was released by AMD in 2000, and the first processor released in 2003. Since x86_64 is a 64-bit architecture, in x86_64 each register in the CPU can hold 64 bits of data (or 8 bytes). Before x86_64 went popular,...

Based on the requests of DN42 Telegram Group members, I plan to add Telegram Bot support to my Bird Looking Glass, so it is easier for them to look up whois information, testing networks and finding sources of route leaks. The bot is supposed to recognize commands starting with /, and respond to the message. My Looking Glass is written in Go,...