euantorano/ungleich-staticcms
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge branch 'master' into new-design

Browse source
This commit is contained in:
PCoder 2019-11-19 14:55:37 +05:30
commit 77676b3e3b
30 changed files with 1547 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Makefile
View file

@ -7,7 +7,7 @@ pull:
git pull
publish: pull build permissions
rsync -av $(BUILDDIR)/ $(DESTINATION)
rsync -av --exclude .lektor/ $(BUILDDIR)/ $(DESTINATION)
permissions: build
find $(BUILDDIR) -type f -exec chmod 0644 {} \;
@ -15,3 +15,6 @@ permissions: build
build:
lektor build -O $(BUILDDIR)
clean:
rm -rf $(BUILDDIR)

BIN
assets/u/image/favicon.ico Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
content/u/blackipv6friday.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 9 KiB

55
content/u/blog/enabling-ipv4-only-sites-for-ipv6-only-networks/contents.lr Normal file
View file

@ -0,0 +1,55 @@
title: via-ipv6.com: enabling IPv4 sites for IPv6 only networks
---
pub_date: 2019-10-17
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: no
---
_discoverable: yes
---
abstract:
We launched via-ipv6.com to enable legacy (IPv4) sites in IPv6 only networks
---
body:
Have you ever been in an IPv6 only network and wanted to reach IPv4
sites without NAT64?
Inspired by talks at [RIPE79](https://ripe79.ripe.net), I decided to
give it a try, whether we can easily expose some IPv4 only sites with
a proxy to the IPv6 Internet.
Turns out, using a bit of nginx magic and an
[IPv6 only VM](https://ipv6onlyhosting.com/) with NAT64 this is
actually not too hard.
## How it works
First of all, all sites are enabled on a site-by-site basis, so this
is not a generic IPv6-to-IPv4 proxy.
For every "site", be it Hackernews, Twitter or Reddit, I created a
subdomain below **via-ipv6.com** like:
* [reddit.via-ipv6.com](https://reddit.via-ipv6.com)
* [twitter.via-ipv6.com](https://twitter.via-ipv6.com)
* [hackernews.via-ipv6.com](https://hackernews.via-ipv6.com)
Each of the sites have their own SSL certificate, not the one used by
the actual site. The reason for this is that I needed the client to
access the proxy instead of failing to access the site (like
reddit.com) by not finding an AAAA entry.
The disadvantage of this is that I have to decrypt and re-encrypt the
traffic. So while I am not interested in your data, I advise to use
this service knowing that the TLS connection is decrypted and
reencrypted on the path.
## List of sites
You find the current list of sites on
[via-ipv6.com](https://via-ipv6.com). If you would like to have
another site added, just ping me on [IPv6.chat](https://IPv6.chat).

100
content/u/blog/free-ipv6-vpn-for-hackerspaces/contents.lr Normal file
View file

@ -0,0 +1,100 @@
title: Free IPv6 VPN for hackerspaces
---
pub_date: 2019-11-08
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: no
---
_discoverable: yes
---
abstract:
From today on ungleich offers free, encrypted IPv6 VPNs for hackerspaces
---
body:
## TL;DR
If you are a hackerspace and you want to hack/work/have fun with IPv6,
send an email to **ipv6hackerspace -at- ungleich.ch** with your
[public wireguard
key](https://redmine.ungleich.ch/projects/open-infrastructure/wiki/The_ungleich_VPN_infrastructure#Sample-clustomer-client-configuration)
plus a short description of your hackerspace and get an IPv6 VPN for free.
## The world belongs to geeks...
"...because nobody else wants it." was a slogan I've once read on a
mug. True or not, fact is that we geeks and hackers are the ones
who live in the Internet, create many of its backbone technologies and
always fight for a better version of it (with varying degree of
success...).
## How the Internet was supposed to be
The Internet was built to foster communication, research and exchange
of ideas. With the tranformation to a commercial driven network and
the exhaustion of IPv4 addresses we changed the way how we use the
Internet: instead of exchanging data directly with each other, we use
intermediate cloud services. Instead of being able to publish
information on any computer, we are hidden by multiple levels of NAT.
We have moved far away from the original idea of the Internet, it's
time to take back control.
## Using IPv6 to change the game, now
With IPv6 we geeks are back in the game, can launch services as we
like, be reachable under the same IPv6 address world wide, can even
carry around our networks and offer them as a service when we visit
other places.
The values of [team ungleich](https://ungleich.ch) are pretty much
aligned with the hacking community (in fact, we run a [Hacking
Hotel](https://hack.digitalglarus.ch/hacking-and-living-in-hotel-diesbach.html)
in [Digital Glarus](https://digitalglarus.ch/)). Our job at ungleich
is to **enable people to do stuff**, so we decided it is time to
enable (other) hackerspaces to join the movement.
## Why hackerspaces?
If you read hacking as in "creative use of technology", it is clear
that creativity should not be limited. To explore new ways of using
the Internet (maybe even [without
facebook?](https://code.ungleich.ch/nico/rif)), you need to be able to
experiment, to explore, to challenge. We love this groove and
want to support this, that's why we support hackerspaces.
## Why a (wireguard based) VPN?
We are aware that there are other tunnel providers and technologies out
there and that is a good thing. The reasons why we opted for a
[Wireguard VPN based solution](https://ipv6vpn.ch) are following:
* wireguard: it's very easy and slim and does not require IPv4 inside
the tunnel ([which OpenVPN still
does](https://ungleich.ch/en-us/cms/blog/2019/09/10/openvpn-vs-wireguard/)). Also
it works on "almost any device" including Linux, BSD and niche OS
like Windows, macos, iOS and Android.
* VPN: work with dynamic IPs, works behind CGNAT
(feel free to challenge this decision in a discussion on
[IPv6.chat](https://IPv6.chat))
## Getting IPv6 for a hackerspace
To get IPv6 for your hackerspace, simple write an email to
ipv6hackerspace -at- ungleich.ch with a short description of your
hackerspace and your public [wireguard](https://www.wireguard.com/)
key.
You can find more information on how to configure wireguard and how to
create the public key in the [ungleich redmine
wiki](https://redmine.ungleich.ch/projects/open-infrastructure/wiki/The_ungleich_VPN_infrastructure#Sample-clustomer-client-configuration).
## IPv6 chat
If you want to stay in touch with us and talk about IPv6 **IRC alike**,
you can join us on the [IPv6 chat](https://IPv6.chat).

170
content/u/blog/hack-a-job-2019/contents.lr Normal file
View file

@ -0,0 +1,170 @@
title: Hack-a-job (2019 edition)
---
pub_date: 2019-10-08
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
Hack a job in 42 hours and live in Switzerland afterwards.
---
body:
On the 1st of November to 3rd of November the 2019 edition of
**Hack-a-job** will take place in the
[Hacking Hotel Diesbach, Switzerland](https://hack.digitalglarus.ch/hacking-and-living-in-hotel-diesbach.html).
## Hack a what?
We are a team of hackers running the [Data Center
Light](https://datacenterlight.ch) at [ungleich](https://ungleich.ch)
and we think that hacking to get a job is the right way
of finding someone fitting to us.
## How does it work?
At Hack-a-job you have one weekend to show your skills. You will be
given the choice of three different tasks and you choose one of them.
You then have 42 hours to do your best to solve the task. During these
42 hours, we will coach you and direct you into the right direction.
During that time, food and drinks will be provided.
After 42h you present your work and in the afternoon of the
Sunday, everyone will get direct feedback from the jury.
## Who can apply?
At this Hack-a-job edition anybody can apply, who can start working in
Switzerland without special work permits. This usually includes
* citizens of EU/EFTA countries
* Swiss citizens
Checkout
* https://www.swissinfo.ch/eng/work-permits/29191706
* https://www.sem.admin.ch/dam/data/sem/eu/fza/broschueren/blau-europaeer-in-ch-e.pdf
for more details.
Unfortunately we cannot offer anyone from
"third states" to participate, as this has complicated and partially
impossible constraints for hiring attached. If you are a creative mind
and can convice us that you can be hired nonetheless - this might be a
good chance for earning first points.
You should be at least 18 years old to participate.
Go [to the application page for registering!](https://survey.ungleich.ch/2/).
## Who gets the job?
**Up to two people** can stay and to join our team.
The criteria for evaluation can be seen below.
We promise to be fair, however joining Hack-a-job does not mean
you get the job.
### Degree of success
How much of the task did you get done?
Is it solved
* not at all
* partially
* mostly
* fully
?
### Cleanliness of the solution
Is your solution
* documented?
* easy to understand?
* using best practice?
### Creativity of the solution
Did you think out-of-the-box? Are you employing smart solutions?
### Sustainability / Unix Philosophy
How much did you think about running your application for longer?
Did you follow the unix philosophy?
### Communication
Work is only worth something, if other team members can work with
you. How do you communicate with the mentors?
How do you present your solution?
## What if I win?
The winner(s) of Hack-a-job are getting offered the following:
* A 1 year contract with ungleich, likely to be extended
* A monthly pre-tax salary of 2'500 CHF
* A paid stay in the Hacking Hotel with native IPv6 10 Gbit/s network
* A halb tax (half fare) card for Swiss trains
Additionally you can request to be reimbursed for the travel expenses
to Hack-a-Job.
## What if I don't win?
Then you probably will take home a lot of new knowledge and you will
get a certificate for participation. Also you get a good feeling for
being one of the 6 people that were invited in the first place.
## How to prepare?
We recommend to refresh your knowledge of the following topics prior
to participation:
* Python3: you should be able to code mildly complex programs
* HTTP / REST: you should be able to talk REST
* Networking: Basic knowledge of IPv6 (including multicast), VLAN and
VXLAN
* Storage: knowledge of Ceph of advantage ("how to build a small cluster")!
* OS: knowledge of either Linux or BSD, Unix commandline, Shell
scripting
### What to bring?
You need to bring yourself, a working computer (including
wifi) with either Linux or BSD on it and a sleeping bag.
## The schedule
* 2019-10-08: Openning of CfP
* 2019-10-20: midnight UTC: close of CfP
* 2019-10-22: Notification of invitation
* 2019-11-01 1300 to 1600: Hacking Hotel opens for arrival and registration
* 2019-11-01 1600 to 1700: Introduction of the three tasks
* 2019-11-01 1700 to 2019-11-03-1100: Hack-a-Job main event!
* 2019-11-03 1100 to 1300: Presentations
* 2019-11-03 1300 to 1500: Final lunch
* 2019-11-03 1300 to 1500: Jury meeting
* 2019-11-03 1500: Presentation of jury ratings and notification of winner(s)
## The location
Hack-a-Job will be held in the
[Hacking
Hotel](https://hack.digitalglarus.ch/hacking-and-living-in-hotel-diesbach.html)
in Switzerland, 8777 Diesbach, Hauptstrasse 28. The nearest train
station is **Diesbach-Betschwanden**.
## More information
You can get in touch with us via
* email: info at ungleich.ch
* chat: [chat.ungleich.ch](https://chat.ungleich.ch)

20
content/u/blog/hacking-an-ipv6-based-chat-system/contents.lr Normal file
View file

@ -0,0 +1,20 @@
title: Hacking an IPv6 based chat system (WIP)
---
pub_date: 2019-10-13
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: yes
---
_discoverable: no
---
abstract:
The strength of IPv6 is to allow direct connections between devices.
Let's explore how one could build a fully decentralised chat system.
---
body:
As you might know, recent events in
[Hong Kong](/u/blog/how-ipv6-can-help-protesters-in-honk-kong)

89
content/u/blog/how-ipv6-can-help-protesters-in-honk-kong/contents.lr Normal file
View file

@ -0,0 +1,89 @@
title: How IPv6 can help protesters in Hong Kong
---
pub_date: 2019-10-08
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: no
---
_discoverable: yes
---
abstract:
Protesters in HK encountered communcation disruption by Apple.
This article shows how this can be avoided by using IPv6.
---
body:
Recently
Apple decided to [remove a central
app for communication in Hong
Kong](https://www.bbc.com/news/technology-49919459), just
[to add it later
again](https://www.bbc.com/news/technology-49961149).
With this move Apple effectively disrupted the communication between
people demonstrating in Hong Kong and at the same time endangered
those who wanted to protect themselves from violance on the streets.
In this article I want to show how this problem can be mitigated by
the use of IPv6.
## The core problem: centralisation
The main problem is that we depend on centralised
services. One of the questions is, why do we depend on centralised
services at all? The reason for this is that there are not enough IPv4
addresses and for that reason we use NAT to hide multiple devices
behind one IPv4 address. Wait what? Let's take it a bit slower.
## How NAT works
In the old times of the Internet, every device in the Internet used to
have a public IPv4 address. However when the number of devices began
to exceed amount of officially available IPv4 addresses, NAT was
introduced and it works as follows:
![IPv4 NAT](/u/ipv4nat.png)
Many devices are hidden behind one Public IP address. So for a phone
to communicate with another phone, it needs to connect via a
central, publicly available IPv4 server. So in the end, the complete
picture looks as follows:
![IPv4 Double NAT](/u/ipv4doublenat.png)
## How IPv6 solves the problem
In the IPv6 world, there are enough IP addresses available.
So every device, every smart phone, every alarm clock, every computer
can have a public IP address. Because every device can have a public
IPv6 address, they can communicate directly with each other:
![IPv6 direct connections](/u/ipv6direct.png)
## How to communicate with IPv6?
So how does it look like with IPv6? Instead of relying on a central
entity (Apple in this case), you can directly connect to the phone of
your friends. This way, you could even use your standard browser like
Firefox, Chrome or Safari to write a message to your friend's phone.
## So, what to do now?
At the moment IPv6 is picking up pace in deployment and ISPs
everywhere in the world are moving forward with it.
However, if you do not have IPv6 connectivity,
[ungleich provides IPv6 VPNs](https://ungleich.ch/ipv6/vpn/) that
enable you world wide to have IPv6.
If you are an application developer, I urge you to checkout whether
your application supports IPv6, because in the future you might enable
people to talk to each other, just by supporting IPv6 now already.
## More IPv6
If you are interested in IPv6, we invite you to join the [IPv6
chat](https://IPv6.chat) or [follow us on
Twitter](https://twitter.com/ungleich).

144
content/u/blog/how-ipv6-changes-the-world/contents.lr Normal file
View file

@ -0,0 +1,144 @@
title: How IPv6 changes the world already
---
pub_date: 2019-11-16
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
Let's dive into the changes caused by IPv6
---
body:
So we had all those nice, theoretical articles about
how IPv6 **could** change the future. At ungleich we are already
seeing many things changing and for that reason we start this series
of blog articles about how IPv6 changes the world.
## The Base Claims
When starting a series of blog entries about how IPv6 changes the
world, there are some assumptions and general understandings. In this
article we will try to illustrate what we think is already given.
## Claim 1: Everyone can have IPv6 connectivity
We know that not every ISP provides IPv6 connectivity yet, but that
is really not a show stopper for IPv6 connectivity. We have even
written an [blog article about how to get
IPv6](https://ungleich.ch/en-us/cms/blog/2019/02/05/how-to-get-ipv6/)
and our conclusion is: **everyone can have IPv6 connectivity**.
If you are missing options there, give us a shout, we are glad to
add them. Point being, we are very confident saying there is nobody
who cannot have IPv6 connectivity anymore. We even offer
[free IPv6 connectivity to hacker spaces](https://ungleich.ch/u/blog/free-ipv6-vpn-for-hackerspaces/).
If you very much disagree with us, we are open to be challenged by you.
## Claim 2: Everyone can host content IPv6 reachable
If you are in the content or publishing business, you can easily have
your content reachable by IPv6. All bigger
[CDNs](https://en.wikipedia.org/wiki/Content_delivery_network) support
IPv6 and even if you happen to host on an IPv4 only web hoster,
there is
[via-ipv6.com](https://ungleich.ch/u/blog/enabling-ipv4-only-sites-for-ipv6-only-networks/),
a proxy service enabling all your IPv4 content by IPv6.
And we don't
say you should be using that service, you can also easily build it
yourself: you can use any IPv6 only VM and you can setup a proxy for
yourself.
## Claim 3: The world is now really moving towards IPv6
We know, there was this very, very unfortunate miscommunication many
years ago that we already ran out of IPv4 addresses. That was
only IANA running out of blocks to assign to the RIRs, however the
RIRs
([RIPE](https://www.ripe.net/),
[APNIC](https://www.apnic.net/),
[AFRINIC](https://www.afrinic.net/),
[lacnic](https://www.lacnic.net/) and
[ARIN](https://www.arin.net/)) did have plenty of IPv4 addresses
left. This situation changed since 2011 and now
ARIN is really out of IPv4, RIPE
is likely to run out of IPv4 in 2019. LACNIC and
AFRINIC are soon (probably 2020) to follow. APNIC on the other hand is already having a **per resource
fee**, which let it run out of IPv4 slower.
But, and there is the big but: APNIC slowing down the IPv4 run out has
a cost. And the cost is for companies who are relying on IPv4
addresses. So if you are in the APNIC region, you already pay around
1800 AUD for a /22 IPv4 network yearly.
The situation is somewhat similar in the regions that are running out
of IPv4, only that you need to buy or lease your IPv4 space there from
some market. The price for an IPv4 address is around $25 at the
moment, so if you were to buy a /22 IPv4 network, you would have to
spend more than $25'000. And this is not feasible for most SMB.
Even if you don't acquire IP addresses directly from a RIR and
run your service on a
[cloud like GCP, you begin to pay more for IPv4
addresses now](https://news.ycombinator.com/item?id=20742965).
So what is the alternative? It clearly is IPv6. Not because
there are many IP addresses in IPv6, but because
**IPv6 is affordable**.
So in short, why the world now really moves to IPv6:
* IPv4 now becomes a real cost factor
* It is not easy to acquire additional IPv4 space anymore
* IPv6 is economically more feasible
* We take the way of the least resistance, which is now IPv6
## Claim 4: IPv6 will re-enable end users
Due to the long ongoing IPv4 shortage, we are very much used to
[NAT](https://en.wikipedia.org/wiki/Network_address_translation). Some
people even believe that private IPv4 addresses are more secure,
which, generally speaking, is a bogus claim. You still need a
firewall, as you do with IPv6.
The bigger problem with private IPv4 addresses is that users have been
taught that they cannot reach each other directly. And this eventually
led to the rise of cloud services, because people were unable to reach
each other or to exchange data directly.
The Internet was built with the idea that everyone can reach everyone
else directly. NAT was only introduced due to the shortage of IPv4
addresses.
With the advent of IPv6, there are many "new old" ways of how we can
work together.
## Claim 5: End users start to care
Directly following from claim 3 & 4 and also something that we noticed
happening in 2019: Real end users start to care about IPv6. The amount
of tweets on Twitter containing
[#ipv6](https://twitter.com/search?q=%23ipv6) is growing and people
are asking more vendors more often to support IPv6 on their
infrastructure (like here for
[discord](https://www.reddit.com/r/ipv6/comments/dx94ty/discord_users_petition_for_ipv6_support_in_discord/)).
## The changes of IPv6 to the world
In the next articles we will describe some real, practical changes of
what we use and how we can work differently with IPv6. If you already
have suggestions, we are happy to read them on **ipv6 at ungleich.ch**
or on the [IPv6 Chat](https://IPv6.chat).
Meanwhile, if you are
interested in giving IPv6 only VPS a try, there is a 50% discount only
until [Black IPv6
Friday](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en).

121
content/u/blog/how-ipv6-saves-you-money/contents.lr Normal file
View file

@ -0,0 +1,121 @@
title: How using IPv6 saves money
---
pub_date: 2019-11-18
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes!
---
abstract:
It's not a question of ideologcy or technology, but of resources.
---
body:
Today we focus on one of the very obvious effects of IPv6: saving
resources and thus money. This post is part of the
[how IPv6 changes the world](/u/blog/how-ipv6-changes-the-world/)
series.
## The general way of saving money with IPv6
Economically, the less of something exists, the more expensive it
is. There is only one Mona Lisa and that one is quite
expensive. Similar if you move out of a city
(like to
[Digital
Glarus](https://hack.digitalglarus.ch/hacking-and-living-in-hotel-diesbach.html)),
rent become more affordable.
As stated in the previous post, it has gotten quite expensive for companies
to acquire IPv4 address space and
[the prices are
rising](https://www.retevia.net/address-pricing-2019-and-beyond/).
Compared to what we paid 2 years ago, the
**market price is now 600% as high**.
So as a company like us, when the cost is rising, we transparently
forward the price increase to the end users to stay profitable.
So if you opt out of IPv4, we don't need to buy more space and neither
of us needs to spend money on it.
## Most services work without IPv4
And this brings me to the question of what one can do without an
explicit IPv4 address. And the answer is: almost everything you could
do with an IPv4 address.
Here at ungleich we spent quite some time to allow a seamless
migration to an IPv4 free world:
* If you want your server to be reachable from the IPv4 Internet,
you can use our [IPv4-to-IPv6
Proxy](https://redmine.ungleich.ch/projects/open-infrastructure/wiki/How_to_use_the_IPv4-to-IPv6-Proxy),
which even works with HTTPS.
* If you want to access something via IPv6, but you don't have IPv6
connectivity, we can provide you with an [IPv6
VPN](https://ipv6vpn.ch), which works even through CGNAT. It is also
free, if you have any VPS running from [IPv6OnlyHosting](https://ipv6onlyhosting.com).!
There are rare exceptions of things that do not yet fully work, but
we even work on these cases.
## Saving money #1: IPv6 only VPS
One of the most obvious gains is, if you decide to go with
[IPv6 only VPS](https://ipv6onlyhosting.com/), because there you are
directly rewarded more affordable prices.
Be it Google, ungleich or our friends at
[mythic beasts](https://www.mythic-beasts.com/), we are all in the
same situation that IPv4 addresses cost us money.
As a user, you even have the ability influence this
development: the more IPv6 only services you consume and the less you
rely on IPv4, the more it becomes the standard and the less everyone
is depending on IPv4. It's a positive feedback cycle.
## Saving money #2: Going IPv6 only
Another very simple case is the network management in SMB and even
enterprises. The bigger you are, the more networks you have to manage
and in our experience, dual stack networks (IPv6+IPv4) are no fun to
maintain and have rather high complexity when it comes to security /
ACLs/ firewalling.
However you will need IPv6 in your network eventually anyway. So the
strategy that we recommend is to switch directly to IPv6 only
networks.
This way your network planning becomes significantly easier, also in
comparison to IPv4 networks. You don't have to spend a lot of time
into network planning anymore, as you can use a /64 for every
individual networks.
This way you reduce complexity and are future proven at the same time.
## Saving money #3: Not using the cloud
Another interesting aspect with IPv6 is to avoid cloud services at
all. Instead of uploading your data somewhere and having somebody else
downloading it again, you can easily share data or communicate with
other employees directly using IPv6.
## Saving money #4: The IPv6 Black Friday
At the moment we run a special IPv6 promotion campaign
named [Black IPv6
Friday](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en)
at which you can even get up to 50% discount on the already more
affordable IPv6 only products.
## More money saving?
If you think we missed an opportunity to save money with IPv6, let us
know on the [IPv6 Chat](https://ipv6.chat) and we will add the hint
for others.

2
content/u/blog/how-to-enable-ipv6-in-applications/contents.lr
View file

@ -2,7 +2,7 @@ title: How to enable IPv6 in applications
---
pub_date: 2019-09-26
---
author: Team ungleich
author: ungleich
---
twitter_handle: ungleich
---

96
content/u/blog/how-to-run-your-browser-in-the-cloud/contents.lr Normal file
View file

@ -0,0 +1,96 @@
title: How to run your browser in the cloud
---
pub_date: 2019-11-18
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: no
---
_discoverable: yes
---
abstract:
Finally, freeing my notebook from memory and CPU pressure
---
body:
So I have this problem: [no matter which notebook I
buy](https://www.nico.schottelius.org/about/computers/), some
applications are always to "heavy" for it. Notably running two
browsers has so far exhausted the available RAM on my notebook.
## The Pros and Cons of the cloud
For many years I have the strict policy to be able to work
autonomously with my notebook. So moving parts of what I use to the
cloud was rarely an option. I want to be able to work offline.
However this comes with a drawback that switching the notebook can be
a bit cumbersome. So I migrated to a git + nextcloud + imap
based setup in which all "small files" (notes, source code, etc.)
reside in git repositories and "big files" (photos, videos, etc.)
reside in Nextcloud.
One thing I always want to have locally, are my emails, which I read
in [emacs](https://www.gnu.org/software/emacs/)
(using [mu4e](https://www.djcbsoftware.nl/code/mu/mu4e.html)).
Using mbsync / isync this problem has also been solved - my mails are
local and remote.
## The browser
While you can make a joke about emacs consuming all my memory (it
stands for [Eight Megabytes And Constantly
Swapping](https://www.gnu.org/fun/jokes/gnuemacs.acro.exp.html),
doesn't it?), the real problem are actually browsers. It was a problem
on my 256MB RAM notebook in 1998 with Netscape Navigator, it is still
a problem with firefox and chromium and 16GB RAM in 2019.
Even if you are crazy and upgrade to a 32GB RAM notebook, like I did,
you finally become CPU bound! Yes, indeed, the tabs of my browser
consume all CPU cores - while it is idling.
There is an important discussion around why browsers use
so many resources and how to optimise this, however this is not the
focus of this post...
## The browser in the cloud
Working at [ungleich](https://ungleich.ch), literally less than
50 meters away from the [Data Center
Light](https://datacenterlight.ch), I was wondering whether or not I
can actually use one of our VMs to outsource my browser.
First check: does it make sense? I use the browser, to browse the web
and it is rarely of use in an offline scenario. So it is a possible
candidate for moving out of my notebook.
Second check: how would I access it? I potentially want to be able to
access it from anywhere, even without my notebook. Luckily we have
recently gained some knowledge about
[Apache Guacamole](https://guacamole.apache.org/), which lets me
access VNC, RDP and even SSH via the web. Guacamole also supports 2FA,
which is a nice add-on.
Sanity check: So... I can *use a browser to access my browser*
in the cloud. Does that actually make sense? And the answer for me is
yes, because instead of running many tabs, I only have to run 1 tab
locally and can outsource the rest.
## More in the cloud
Actually, what happens behind the scenes is that the VM is running VNC
(we are also experimenting with XRDP), so I have actually full access
to a remote Linux desktop via browser and can even run applications
like libreoffice, blender or gimp remotely.
Because I think it's a cool thing to have, our team at ungleich added
it as an offer to our [Black IPv6 Friday
Crowdfunding](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en).
Below you can actually see how it looks like:
![Desktop in the cloud](/u/desktop-small.png)

30
content/u/blog/how-to-support-open-source/contents.lr Normal file
View file

@ -0,0 +1,30 @@
title: How to support Open Source
---
pub_date: 2019-10-08
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: yes
---
_discoverable: no
---
abstract:
How to support Open Source as a hosting company
---
body:
## TL;DR
Anyone who is working on a serious open source project can apply
for a free IPv6-VM and free IPv6-VPN.
## More information
You can get in touch with us via
* email: info at ungleich.ch
* chat: [chat.ungleich.ch](https://chat.ungleich.ch)

155
content/u/blog/isnt-it-too-late-to-build-a-datacenter/contents.lr Normal file
View file

@ -0,0 +1,155 @@
title: Isn't it too late to build a data center?
---
pub_date: 2019-10-09
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
Is it or is it not too late to build a data center?
---
body:
The very valid question,
[isn't it too late....to build a
data center?](https://twitter.com/Mac_S13/status/1181983378100424710)
was asked on Twitter and it made our team here in Glarus smile a lot,
and we decided to write a blog article about this question.
## Fiber = the advantage of a data center?
According to the tweet, the main strength of a data center is fast
network connection, or the fiber line that you have. And nowadays,
everyone has fast fiber, so it follows that data centers are maybe not
needed anymore.
## TL;DR
It is not that easy.
## How to run a data center in reality
Some time ago we wrote about
[How to run a really green
data center](https://ungleich.ch/de/cms/ungleich-blog/2019/07/12/how-run-really-green-datacenter/).
Admittedly, the question was not about running a **green** data
center, so let's dive a bit more into it.
Running a data center like we do at [Data Center
Light](https://datacenterlight.ch) does indeed require a fiber
connection. To be precise, actually a couple.
## How much fiber is enough fiber?
Don't tell anyone, but geeks are working at ungleich. And according to
geeks, there is never enough fiber. But for real, how much fiber is
needed? In our case, running a data center at 3 different locations,
requires a couple of dark fiber lines and a couple of redundant
upstream connections. Using the rule of thumb, let's say we need at
least 3 fiber connections:
* One for location A
* One for location B
* One to connect locations A and B
So are three fiber connections enough?
## What is actually in a data center?
Maybe the real question is, why would you run a data center at all?
Alright, for the geeks of us, "just because I can" is a reason, but
let's think about other cases as well. For instance we are running a
data center, because we our customers asked us to run one (easy, isn't
it?). So some years ago we started buying hardware like switches,
servers, SSDs, cables, transceivers, disks, network cards, access
points and even much, much more cables.
And why did we do that? Because we were asked to host virtual machines
and data for our existing customers. So if you want to run a data
center, you also need a bit of hardware.
And there comes one of the bigger problems: hardware also needs to be
turned on. And if it is on, it actually consumes energy and you do not
proper fuses. Not only the ones inside the data center, but also the
ones going into the building!
## So what do you need to run a data center?
So to run a data center, you need at least
* enough power (best to be 100% renewable here!)
* enough network capacity
* enough space
These are the three base ingredients for a data center. Then the only
thing that is left, like for every good menu, is a chef. And in case
of a data center, the chef is the team running it. The team that is
available all the time, that fixes the network, replaces the disks and
servers, etc.
## Too late or not too late? To be or not to be?
We would like to rephrase the question a bit, because we actually
think the notion of the question was more: **Does it make sense to
start a new data center TODAY?**
So what is the answer to this seemingly easy to answer question? Does
it make sense or not?
We want to answer with a crystal clear **yes-and-no** answer.
### Yes, build a new data center today
We encourage everyone to actually build their own data center. Get
some IPv6 space to your home, get a bit of equipment. Even get some
servers. Maybe even some ARM servers to save some energy for a change?
Build it, like it, maybe even fail at it. It is a great experience to
build your own. We strongly believe into decentralisation, so we
encourage distributing the Internet more to different places.
Put all the fun stuff on it. Put your development on it. Don't forget
to backup your stuff to somewhere else, though.
We even invite you to [join our chat](https://chat.ungleich.ch) to ask
about how to build a data center and we are more than happy to share
our experiences.
### No, don't build a new data center today
If you start fresh and you are not with an experienced team and you
want to offer services to other people, we dis-recommend building a
data center on your own. Taking the responsibility to run things even
when you are sick, even when you want to go to holidays, even if it is
3am is not very healthy if you are not a team that works well
together.
If you think that the world is already well off with Amazon and co.,
it is also not a good idea to build one yourself. You need to be able
to stay in the business even though you get questions like "But I can
put everything to Amazon - why does it need you?"
## Does fiber at home make data centers redundant?
And to answer the other implicit question asked: we think that fiber
at home actually enables the use of data centers better. So far if
your connection was slow, you had to have all your data
locally. With fiber at home, you can store your data anywhere (you
probably shouldn't, but that is a topic for a different post) and
access it quickly.
## More of it?
If you want to learn more about this topic,
you can always get in touch with us as follows:
* email: info at ungleich.ch
* open chat: [chat.ungleich.ch](https://chat.ungleich.ch)
<!-- LocalWords: SSDs
-->

119
content/u/blog/nftables-magic-redirect-all-ports-to-one-port/contents.lr Normal file
View file

@ -0,0 +1,119 @@
title: How to redirect all ports to one port with nftables
---
pub_date: 2019-11-07
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
How to redirect traffic from all (tcp/udp) ports to another port.
And why one would want to do that...
---
body:
## Motivation
Sometimes networks (like hotels or airports) block or filter
outgoing traffic and thus prevent you to connect to where you want to
connect to.
Here at [ungleich](https://ungleich.ch) we are travelling quite a lot,
but we always want to be able to access the servers of
[Data Center Light](https://datacenterlight.ch).
To be able to do so from anywhere in the world, we needed to
ensure that we have some way of connecting to them, even if the
network filters traffic to the ssh port (tcp/22).
While our main motivation was to enable ssh, the example below can be
adjusted to any service, including http, https, smtp, ...
## A solution based on nftables
As you might know we are
[big fans of
nftables](https://ungleich.ch/de/cms/ungleich-blog/2018/08/19/iptables-vs-nftables/)
and this hotel/airport problem motivated us to once again checkout
what we can achieve just with nftables.
Typically these networks will still allow outgoing traffic on
*some ports*, but we don't know *which ports*.
So instead of guessing which port we should bind SSH to,
we will just use nftables to make ssh available on
*all TCP ports*. Simple idea, isn't it?
## How it works
To achieve our goal we need to tell nftables to take the traffic that
goes to any port that is not our target port, to be redirected to our
target part. If you have other services running on the host, you might
want to adjust this logic though (see below). The following
nftables snippet will already do the job:
```
flush ruleset
table ip nat {
chain prerouting {
type nat hook prerouting priority 0;
tcp dport != 22 redirect to 22
}
chain postrouting {
type nat hook postrouting priority 0;
}
}
```
You can save this as nftables.conf and run
```
nft -f nftables.conf
```
to see it working on your system.
After applying this, we can use `ssh -p <port>` to choose any port and
connect to our server:
```
ssh -p 80 serverX.placeY.ungleich.ch
```
## Using specific ranges or ports only
If you have other services running on the system, you might want to
restrict the ports to be used for ssh. You can either use **sets**
(nftables syntax: *{ a, b, c, ... }*) or **intervals**
(nftables syntax: *X - Y*) as follows.
```
tcp dport 2000-4000 redirect to :ssh
tcp dport {23, 25, 80, 443 } redirect to :ssh
```
(just replace the *tcp dport != ...* line above)!
## A note on ports
Over time you will see that there are some ports which are more likely
to be open, even if the network filters your traffic. Some well known
ports for this are:
* 80: regular http traffic
* 53: DNS, uses UDP by default, but TCP is also part of the standard
* 443: usually has encrypted https traffic
* 783: smtp submission port for sending out emails
Of course, if the filtering uses deep packet inspection, this will
fail, but then there are other solutions for that... stay tuned!
## More of it?
If you are interested in more of this, we invite you to join our
[open infrastructure chat on chat.ungleich.ch](https://chat.ungleich.ch).

78
content/u/blog/the-biggest-ipv6-bargain-ever/contents.lr Normal file
View file

@ -0,0 +1,78 @@
title: The biggest IPv6 bargain ever: Black IPv6 Friday
---
pub_date: 2019-11-15
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
The world's first Black IPv6 Friday campaign starts today!
---
body:
![Back IPv6 Friday](/u/blackipv6friday.png)
## TL;DR
IPv6 allows you to deploy the same things, just with less money.
And right now it get's even crazy with [up to 50%
discount](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en)
on even the already very affordable IPv6 only offers.
*Valid only until 2019-11-29*.
## The Black IPv6 Friday
So you have probably heard about the
Black Friday, haven you?
We want to take this to the next level with the
**Black IPv6 Friday**, which might be **the biggest discount on IPv6
only services in history**!
## IP... what?
You might have heard some things about
[IPv6](https://en.wikipedia.org/wiki/IPv6) already, but what you might
not know yet is that you can actually save money by using
IPv6. Significantly. But let's first have a short look what IPv6
actually is.
## The IPv6 and IPv4 Internet
IPv4 is the "old", some people even call it "legacy", Internet. It has
been in use for a while, however its
[shortage of addresses](https://ipv4.potaroo.net/)
[has become a real
problem](/u/blog/when-does-ripe-run-out-of-ipv4-addresses/). Whenever
there is a shortage, prices jump up steeply and, in the end, the
end customer has to pay that price.
To fix this problem, the successor IPv6 was designed with a huge
amount of addresses. Not an infinite number, but for everything that
we want to do in our lifetime, we could call it "almost infinite".
For many years, vendors and providers were only slowly adapting
IPv6. However with the imminent IPv4 exhaustion in 2019, the game
changed and IPv6 has become a hot topic everywhere.
## How you save money by using IPv6
And this brings us to how you can save money with IPv6: instead of
renting IPv4 addresses at home, in the office or at your cloud
provider, you can now rely on IPv6 only. There also exists support to
enable IPv6 only services to the IPv4 Internet - and that is even for
free.
## The biggest IPv6 bargain
So with all of this, doesn't it sound interesting go with IPv6?
We want to make it even easier for you to get
started and offer **up to 50% discount** on the regular offers. This
deal is available on the [crowdfunding campaign on
Swiss-Crowdfunder.com](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en).
But beware: it only gets real if the goal of 20'000 CHF is reached
until 2019-11-2!9. Otherwise there will be a 100% refund to all orders.

147
content/u/blog/the-importance-of-decentralisation/contents.lr Normal file
View file

@ -0,0 +1,147 @@
title: The importance of decentralisation
---
pub_date: 2019-11-14
---
author: ungleich
---
twitter_handle: ungleich
---
abstract:
Or: why the Internet still functions
---
body:
Did you ever wonder, why the Internet is as robust as it is?
Then this article is for you.
## The Internet Architecture
The Internet basically consists of a lose collaboration of network
service operators. Each operator, whether an individual or a large
scale enterprise, can announce their own networks and run services in
their own networks.
The dependency on other providers is relatively low, the only thing
you need to operate in the Internet is one or more upstream
providers. If you happen to have many of them, we call this
**peering** and it allows you to get good deals for data exchange.
## Decentralisation is an enabler
Because each operator can decide what to run in their network, whether
it's providing access to websites, providing a mail infrastructure,
providing a webshop or other services. What you do, what you sell is
up to you.
So far so good, isn't it?
## The threat of centralisation
In the real world, we see that some services have become strictly
centralised. Services like ebay, amazon, google or facebook are very
convenient, because they allow access to a lot of resources, but are
also very dangerous at the same time.
### Problem one: Seller dependency
Imagine you are selling pink socks. Because pink socks are
the coolest and they make people feel more warm in winter.
Imagine further you exclusively sell your products solely through
one of these platforms. Then the provider bans you from their website,
because pink is considered to be incorrect, socks always have to be
black. This will ruin your business model completely, because you
don't have an alternative.
While the example of pink socks is fictional, there are
[many such real world cases](https://duckduckgo.com/?q=bannled+from+selling+on+amazon).
### Problem two: Buyer dependency
On the other hand as a consumer, if you usually go to one site. Now
if you are banned from that site, you cannot approach the seller, even
if the seller wanted to sell to you.
### Problem three: Censorship
A generic problem with centralised platforms is censorship. This is a
very important one, as it applies to providers in
[a lot
nations](https://en.wikipedia.org/wiki/Internet_censorship_and_surveillance_by_country).
We have seen censorship on a variety of platforms including a variety
of reasons including political motivated censorship. Centralised
platforms are especially prone for censorship with huge effects.
### Problem four: Lack of choices
Once a centralised platform has been established, the lack of choice
forces sellers, buyers and consumers into a strong dependency (related
to this is [strong vendor
lock-ins](https://en.wikipedia.org/wiki/Vendor_lock-in). If the
platform raises prices or decides to reduce privacy features, users
don't have a choice, but to accept, if there are no alternatives.
## Some many problems - what is the solution?
Like we say in Switzerland, we like to **buy locally**, supporting
small shops and small companies. But how do you realistically do this in
the Internet? We see one easy to use way that is not on everyone's
radar: **switching to IPv6**. Let us show you how to establish your
own presence in 3 small steps.
### 1. Acknowledge that you are a network operator
First of all, anyone can be a network operator. This is how the
Internet was built and it is still true. You can start by
[getting your own IPv6
space](https://ungleich.ch/en-us/cms/blog/2019/02/05/how-to-get-ipv6/).
This is really easy and in case you are using the
[IPv6VPN.ch](https://IPv6VPN.ch) only requires installing
[wireguard](https://www.wireguard.com/) and a configuration.
### 2. Setup your own presence
When you have your own IPv6 range, you can run anything in it. From a
website, to mail servers, ... anything any other operator can do.
If you don't know how to do that, you can ask for help on the
[IPv6.Chat](https://IPv6.chat), where you find many people who are
using IPv6 on a daily basis.
You can even setup your [own social
network](https://mastodon.social/about) on your infrastructure!
### 3. Talk about it
Many people are not aware that with IPv6 the game really changes and
that everyone is back in the game. So when you start your journey, we
ask you to talk about it and enable other people.
### 4. (optional) Get an IPv4 Proxy
If you want to be reachable from the IPv4 world, you can also use an
IPv4-to-IPv6 proxy, which you find the the [IPv6
Shop](https://ipv6onlyhosting.com/en-us/cms/ipv6-shop/).
![ungleich IPv4 to IPv6 proxy](/u/ipv6-to-ipv4-proxy.png)
## Summary and Outlook
Centralisation is a danger to everyone. It concentrates decision power
and effectively can censor opinions and in the worst case even ruin
businesses. With IPv6 you can back in control. Even better, you can
be part of driving decentralisation.
Soon upcoming is the [Black IPv6
Friday](https://swiss-crowdfunder.com/campaigns/black-ipv6-friday?locale=en),
where you can get direct IPv6 experience. Or you can exchange your
ideas for decentralisation on the [IPv6.Chat](https://IPv6.chat).
## Updates
As pointed out by [nicey](https://news.ycombinator.com/user?id=nicey)
on [hackernews](https://news.ycombinator.com/item?id=21535181) there
is the
[awesome-selfhosted](https://github.com/awesome-selfhosted/awesome-selfhosted/)
git repo on github with a lot of explanations on how to self
host. Really worth checking it out!

35
content/u/blog/the-ungleich-ipv6-eco-system/contents.lr Normal file
View file

@ -0,0 +1,35 @@
title: The ungleich IPv6 ecosystem
---
pub_date: 2019-10-10
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: yes
---
_discoverable: no
---
abstract:
How to enable people with IPv6 - the ungleich IPv6 ecosystem.
---
body:
As you might have noticed, we have a focus on IPv6, because we think
it is required for a sustainable development of the Internet. But what
do we actually do at ungleich to support IPv6?
- ipv6.chat
- ipv6.blog
- ipv6 vpn
- ipv6onlyhosting
- ipv6 proxies
- posts in /r/ipv6
## More IPv6
If you are interested in IPv6, we invite you to join the [IPv6
chat](https://IPv6.chat) or [follow us on
Twitter](https://twitter.com/ungleich).

68
content/u/blog/what-is-wrong-with-ipv4/contents.lr Normal file
View file

@ -0,0 +1,68 @@
title: What is wrong with IPv4?
---
pub_date: 2019-10-01
---
author: Nico Schottelius
---
twitter_handle: NicoSchottelius
---
_hidden: yes
---
_discoverable: no
---
abstract:
Why are people talking about moving to IPv6?
What is wrong with running application on IPv4?
---
body:
## TL;DR
Nothing is wrong with IPv4. There is just too less of it.
## IPv6 vs. IPv4 for end users
At home
Not big difference at the moment
But: big potential for independence
### Example: home automation
All devices talk to a vendor
You already have a bridge. Why sending data elsewhere?
If enough IPv4: give all devices a public address. Can directly
connect to your home bridge. But you can't. NAT.
## IPv6 vs. IPv4 for developers
This is the section I like most. Forums with posts from developers who
recommend to turn off IPv6, to ignore it, complain about the new
format.
All of these are valid points. IPv6 is an additional protocol that
applications need to handle.
New apps: develop IPv6 only.
## IPv6 vs. IPv4 for ISPs
- SKT
- Multiple NATs
- Need to run IPv6 anyway to provide reachability
- Easier to run end point NAT64
## IPv6 vs. IPv4 for cloud providers
Probably highest pressure for IPv4 users is on cloud
## Other applications
If you know about other applications or want to enhance one of our
configuration, we invite you to join the [IPv6
chat](https://IPv6.chat) or [write to us on
Twitter](https://twitter.com/ungleich).

18
content/u/blog/what-open-source-and-ipv6-have-in-common/contents.lr Normal file
View file

@ -0,0 +1,18 @@
title: What was Open Source has now become IPv6
---
pub_date: 2019-11-15
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: yes
---
_discoverable: no
---
abstract:
The Open Source did not vanish, it just changed
---
body:
Many years ago the Open Source community

83
content/u/blog/when-does-ripe-run-out-of-ipv4-addresses/contents.lr Normal file
View file

@ -0,0 +1,83 @@
title: When will RIPE run out of IPv4 addresses?
---
pub_date: 2019-10-10
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: yes
---
abstract:
This month? Next month? 2019?!
---
body:
As of today,
[RIPE has less than 1 million IPv4 addresses available](https://www.ripe.net/manage-ips-and-asns/ipv4/ipv4-available-pool).
![ripe ipv4 pool](/u/ripe_ipv4_pool_20191010.png)
So the question is, how long until RIPE does not have any IPv4
addresses anymore? Or more specifically,
**which is the exact date on which RIPE will have run out of IPv4
addresses**?
We are very curious and wonder who can best predict the exact date.
And because it's a lot of fun to guess the right time, we will give
out an **IPv6 only VM for free** to the person that guesses the exact
date.
## Guesses
* ~~[@TuxOne](https://twitter.com/Tux0ne/status/1182309473521737728) 2019-10-23 08:27~~
* ~~[@objetsfabuleux](https://twitter.com/objetsfabuleux/status/1182305989128855552)
2019-10-26 ([the same day as the IPv4 exhaustion
party](https://www.meetup.com/Digital-Glarus-Business-Technology/events/264859527/),
so it must be correct)~~
* ~~[@natedalliard](https://twitter.com/natedalliard/status/1182256538305667072)
2019-11-08~~
* ~~[@JoelAMay](https://twitter.com/JoelAMay/status/1183225050486325248)
2019-11-11. Hopefully at 11:11:11 (that's probably the most sane
guess we have seen so far)~~
* ~~[@RickBakkr](https://twitter.com/RickBakkr/status/1182260610458963968)
2019-11-12~~
* ~~[@inoobkivervip](https://twitter.com/inoobkilervip/status/1182261254288760832)
2019-11-12 @ 1PM BST (submitted three minutes after @RickBakkr)~~
* [@zajdee](https://twitter.com/zajdee/status/1182236698266275846) 2019-11-15
* [@MrXermon](https://twitter.com/MrXermon/status/1182254662914850817) 2019-11-25
* [@Sami_Lehtinen](https://twitter.com/Sami_Lehtinen/status/1182366137876701184) 2019-11-15 Friday
* [@VertXVaaR](https://twitter.com/VerteXVaaR/status/1182791748139061249)
2019-11-22 (a nice date)
* [@pb_double](https://twitter.com/pb_double/status/1182236265233752064)
2019-11-27 0610 UTC (very precise!)
* [@agowa338](https://twitter.com/agowa338/status/1182236572047101952)
2019-11-28
* [@NicoSchottelius](https://twitter.com/ungleich/status/1185153567243550722)
2019-12-03
* [@treysis](https://twitter.com/treysis/status/1182256065213280261)
2019-12-04
* [@ReplicaJune](https://twitter.com/ReplicaJune/status/1182235564180942849)
2019-12-12
* [@mrimann](https://twitter.com/mrimann/status/1182769149233238016) 2019-12-16
* [@Mac_S13](https://twitter.com/Mac_S13/status/1182242286714970113)
2019-12-24 (a Christmas present?)
* [@le_roncio](https://twitter.com/el_roncio/status/1182301050247827456) 2019-12-29
* [@sighubCH](https://twitter.com/sighupCH/status/1182332420487557121)
2020-01-11 09:32
* [@STAXCON1](https://twitter.com/STAXCON1/status/1182795161266458626)
2020-01-17 03:23
## Want to guess?
Just follow [@ungleich](https://twitter.com/ungleich) on Twitter
and post your guess as [a reply to our tweet](https://twitter.com/ungleich/status/1182234419102388224).
Rules are:
* You cannot use the same date somebody else already guessed
* You can only guess once
* You can only guess until 2019-10-13-2359 UTC

BIN
content/u/desktop-small.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 316 KiB

BIN
content/u/ipv4doublenat.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 29 KiB

BIN
content/u/ipv4nat.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
content/u/ipv6-to-ipv4-proxy.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 23 KiB

BIN
content/u/ipv6direct.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 15 KiB

BIN
content/u/ripe_ipv4_pool_20191010.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 70 KiB

2
models/blog.ini
View file

@ -13,4 +13,4 @@ order_by = -pub_date, title
[pagination]
enabled = yes
per_page = 4
per_page = 5

2
templates/layout.html
View file

@ -16,6 +16,7 @@
<script type="text/javascript" src="/u/static/js/bootstrap.min.js"></script>
<!-- Google analytics -->
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
@ -25,6 +26,7 @@
ga('create', 'UA-62285904-1', 'auto');
ga('send', 'pageview');
</script>
<!-- End Google Analytics -->
</head>

13
templates/macros/pagination.html
View file

@ -4,8 +4,17 @@
<a href="{{ pagination.prev|url }}">&laquo; Previous</a>
{% else %}
<span class="disabled">&laquo; Previous</span>
{% endif %}
| {{ pagination.page }} |
{% endif %} |
{% for page in range(1, pagination.pages + 1) %}
{% if page != pagination.page %}
<a href="{{ pagination.for_page(page)|url }}">{{ page }}</a> |
{% else %}
{{ pagination.page }} |
{% endif %}
{% endfor %}
{% if pagination.has_next %}
<a href="{{ pagination.next|url }}">Next &raquo;</a>
{% else %}