💾 Archived View for going-flying.com › ~mernisse › 19.gmi captured on 2024-05-10 at 10:45:39. Gemini links have been rewritten to link to archived content
I'm thinking about writing a series of articles on how (and why) I run things around here. I spent the better part of a decade working for a national ISP and developed habits and methods for building and caring for systems operating not only at scale but in an environment where 'move fast and break stuff' was not only a resume-generating event but also potentially a way to get in trouble with various State and Federal regulators. It seems that in the early days of the Internet it was expected that anyone other than end-users would be able to run basic Internet services at their site for themselves, but now the norm even for technical people is to hand control of all of that to someone else. Things like e-mail, news, DNS, web, ftp, file and print services were all commonly 'self-hosted', and I still prefer the level of control over my Internet experience that comes from 'self-hosting'.
Over the years I have spent a lot of time trying new things and refining the processes that knit all this crap together, so that my hobby, which became the doorway to my career, wouldn't consume my life. Infrastructure needs caring for, but it shouldn't be all-consuming. As it stands today, the choices I have made support what I would describe as a medium-complexity home network and Internet site.
```
+-----+         +------+         +-----+
| SJC | <-----> | COLO | <-----> | NYC |
+-----+         +------+         +-----+
                 ^    ^
                /      \
               v        v
          +--------+ +------+
          | OFFICE | | HOME |
          +--------+ +------+
```
The network today looks like this. It is interconnected by IPsec tunnels over which I run GRE so that I can provide dynamic routing (previously with BGP, but now with OSPF). The three sites across the top provide public and private services, and the two bottom sites are mostly client devices and internal-only services. This demarcation has been the result of changes in the Internet. When I started this whole journey there was only one site, my home, and all it had was a dial-up connection at a screamingly fast 14,400 baud. You might think it impossible, but I ran my website, e-mail and DNS all on that dial-up connection with very few problems. The growth of the Internet and malware-based spam changed the landscape over the years, requiring me to move my public-facing infrastructure to a colocation provider to get access to non-residential IP space.
It is the fate of any human system that becomes successful enough to move into the public consciousness as 'infrastructure' to become magic to the general populace. There was a time when electricity was novel and new, and so nearly anyone that was involved with it knew it intimately, but now all the genius and complexity of the system falls quietly into the background, hidden behind a wall of standards, specifications, tribal knowledge, and the assumption that it will Just Work. So too computers are starting to fade into that realm, layers of abstraction hiding ever more complexity, the inter-networking of them being largely taken care of as a service. This isn't for everyone, that's for sure. Many technical people are perfectly content with opening up their web browser and VSCode and writing some JavaScript, clicking a button to send it to GitHub and calling themselves a developer. That's fine, we will always need those kinds of people; however, if you are curious about some of the underpinnings that make that workflow function, then you might find a series like this useful.
I think the first topic I'll discuss will be DNS. Once you have yourself some layer 3 network connectivity, in almost all cases you will need yourself some DNS.
Let me know if you find this series idea interesting.
🚀 © MMXX-MMXXIII matt@going-flying.com