Replace all post_url with Hugo ref blocks
This commit is contained in:
@ -116,7 +116,7 @@ I'm a huge fan of Supermicro's IPMI design based on the ASpeed AST2400 BMC; it s
|
||||
IPMI features, notably serial-over-LAN, remote port off/cycle, remote KVM over HTML5, remote USB
|
||||
disk mount, remote install of operating systems, and requires no download of client software. It all
|
||||
just works in Firefox or Chrome or Safari -- and I've even reinstalled several routers remotely, as
|
||||
I described in my article [[Debian on IPng's VPP routers]({% post_url 2023-12-17-defra0-debian %})].
|
||||
I described in my article [[Debian on IPng's VPP routers]({{< ref "2023-12-17-defra0-debian" >}})].
|
||||
There's just something magical about remote-mounting a Debian Bookworm iso image from my workstation
|
||||
in Brüttisellen, Switzerland, in a router running in Amsterdam, to then proceed to use KVM over
|
||||
HTML5 to reinstall the whole thing remotely. We didn't have that, growing up!!
|
||||
@ -371,8 +371,8 @@ I have one more thing to share. Up until now, the hypervisor has internal connec
|
||||
Local_, and a single IPv4 / IPv6 address in the shared colocation network. Almost all VMs at IPng
|
||||
run entirely in IPng Site Local, and will use reversed proxies and other tricks to expose themselves
|
||||
to the internet. But, I also use a modest amount of IPv4 and IPv6 addresses on the VMs here, for
|
||||
example for those NGINX reversed proxies [[ref]({% post_url 2023-03-17-ipng-frontends %})], or my
|
||||
SMTP relays [[ref]({% post_url 2024-05-17-smtp %})].
|
||||
example for those NGINX reversed proxies [[ref]({{< ref "2023-03-17-ipng-frontends" >}})], or my
|
||||
SMTP relays [[ref]({{< ref "2024-05-17-smtp" >}})].
|
||||
|
||||
For this purpose, I will need to plumb through some form of colocation VLAN in each site, which
|
||||
looks very similar to the BGP uplink VLAN I described previously:
|
||||
@ -459,7 +459,7 @@ I run an anycasted AS112 cluster in all sites where IPng has hypervisor capacity
|
||||
Amsterdam, my nodes are running on both Qupra and EUNetworks, and connect to LSIX, SpeedIX, FogIXP,
|
||||
FrysIX and behind AS8283 and AS8298. The nodes here handle roughly 5kqps at peak, and if RIPE NCC's
|
||||
node in Amsterdam goes down, this can go up to 13kqps (right, WEiRD?). I described the setup in an
|
||||
[[article]({% post_url 2021-06-28-as112 %})]. You may be wondering: how do I get those internet
|
||||
[[article]({{< ref "2021-06-28-as112" >}})]. You may be wondering: how do I get those internet
|
||||
exchanges backhauled to a VM at Coloclue? The answer is: VxLAN transport! Here's a relevant snippet
|
||||
from the `nlams0.ipng.ch` router config:
|
||||
|
||||
@ -519,15 +519,14 @@ At IPng, almost everything runs in the internal network called _IPng Site Local_
|
||||
network via a few carefully placed NGINX frontends. There are two in my own network (in Geneva and
|
||||
Zurich), and one in IP-Max's network (in Zurich), and two at Coloclue (in Amsterdam). They frontend
|
||||
and do SSL offloading and TCP loadbalancing for a variety of websites and services. I described the
|
||||
architecture and design in an [[article]({% post_url 2023-03-17-ipng-frontends %})]. There are
|
||||
architecture and design in an [[article]({{< ref "2023-03-17-ipng-frontends" >}})]. There are
|
||||
currently ~120 or so websites frontended on this cluster.
|
||||
|
||||
**SMTP Relays** \
|
||||
I self-host my mail, and I tried to make a fully redundant and self-repairing SMTP in- and outbound
|
||||
with Postfix, IMAP server and redundant maildrop storage with Dovecot, a webmail service with
|
||||
Roundcube, and so on. Because I need to perform DNSBL lookups, this requires routable IPv4 and IPv6
|
||||
addresses. Two of my four mailservers run at Coloclue, which I described in an [[article]({%
|
||||
post_url 2024-05-17-smtp %})].
|
||||
addresses. Two of my four mailservers run at Coloclue, which I described in an [[article]({{< ref "2024-05-17-smtp" >}})].
|
||||
|
||||
**Mailman Service** \
|
||||
For FrysIX, FreeIX, and IPng itself, I run a set of mailing lists. The mailman service runs
|
||||
@ -562,7 +561,7 @@ internal network, and NAT'ed towards the Internet.
|
||||
|
||||
Each border gateway announces a default route towards the Centec switches, and connect to AS8298,
|
||||
AS8283 and AS25091 for internet connectivity. One of them runs in Amsterdam, and I wrote about
|
||||
these gateways in an [[article]({% post_url 2023-03-11-mpls-core %})].
|
||||
these gateways in an [[article]({{< ref "2023-03-11-mpls-core" >}})].
|
||||
|
||||
**Public NAT64/DNS64 Gateways** \
|
||||
I operate a set of four private NAT64/DNS64 gateways, one of which in Amsterdam. It pairs up and
|
||||
@ -571,8 +570,7 @@ useful in general, I also operate two public NAT64/DNS64 gateways, one at Qupra
|
||||
EUNetworks. You can try them for yourself by using the following anycasted resolver:
|
||||
`2a02:898:146:64::64` and performing a traceroute to an IPv4 only host, like `github.com`. Note:
|
||||
this works from anywhere, but for satefy reasons, I filter some ports like SMTP, NETBIOS and so on,
|
||||
roughly the same way a TOR exit router would. I wrote about them in an [[article]({% post_url
|
||||
2024-05-25-nat64-1 %})].
|
||||
roughly the same way a TOR exit router would. I wrote about them in an [[article]({{< ref "2024-05-25-nat64-1" >}})].
|
||||
|
||||
```
|
||||
pim@cons0-nlams0:~$ cat /etc/resolv.conf
|
||||
|
||||
Reference in New Issue
Block a user