I'm thinking about writing a series of articles on how (and why) I run things around here. I spent the better part of a decade working for a national ISP and developed habits and methods for building and caring for systems operating not only at scale but in an environment where 'move fast and break stuff' was not only a resume-generating event but also potentially a way to get in trouble with various State and Federal regulators. It seems that in the early days of the Internet it was expected that anyone other than end-users would be able to run basic Internet services at their site for themselves, but now the norm, even for technical people, is to hand control of all of that away to someone else. Things like e-mail, news, DNS, web, ftp, file and print services were all commonly 'self-hosted', and I still prefer the level of control I have over my Internet experience that comes from 'self-hosting'.
Over the years I have spent a lot of time trying new things and refining the processes that knit all this crap together so that my hobby, which became the doorway to my career, wouldn't consume my life. Infrastructure needs caring for, but it shouldn't be all-consuming. As it stands today, the choices I have made support what I may describe as a medium-complexity home network and Internet site.
```
+-----+         +------+         +-----+
| SJC | <-----> | COLO | <-----> | NYC |
+-----+         +------+         +-----+
                 ^    ^
                /      \
               v        v
       +--------+      +------+
       | OFFICE |      | HOME |
       +--------+      +------+
```
The network today looks like this. It is interconnected by IPsec tunnels over which I run GRE so that I can provide dynamic routing (previously with BGP but now with OSPF). The three sites across the top provide public and private services, and the two bottom sites are mostly client devices and internal-only services. This demarcation has been the result of changes in the Internet. When I started this whole journey there was only 1 site, my home, and all it had was a dial-up connection at a screamingly fast 14,400 baud. You might think it impossible, but I ran my website, e-mail and DNS all on that dial-up connection with very few problems. The growth of the Internet and malware-based spam changed the landscape over the years, requiring me to move my public-facing infrastructure to a colocation provider to get access to non-residential IP space.
I think the first topic I'll discuss will be DNS. Once you have yourself layer 3 network connectivity, in almost all cases you will need yourself some DNS.
Let me know if you find this series idea interesting.
🚀 © MMXX-MMXXI email@example.com
-- Page fetched on Tue Sep 21 09:02:57 2021