CGNAT and the erosion of the public internet

If you don’t know what CGNAT is, follow along and I’ll tell you the story that led me to its discovery on my internet provider’s network, and furthermore why it’s a terrible threat to an open, peer-to-peer enabled internet.

My old ISP was Belong internet, chosen solely for their carbon neutrality. The ratings were ok and the price was good, but I did not remain a customer for long at all.

I decided to set up a Diaspora server (https://diasporafoundation.org/) from my apartment and began preparing my ‘server’, which was to be an underpowered (for this application) Raspberry Pi model 3B. After spending quite some time setting it up with the software, it was time to open some ports to the internet. I’d expected this to be one of only a couple of scenarios:

  • I was on a static IP already, so I just needed to open a few ports in my router and set up DNS to point to my public IP
  • I was using a dynamic IP address, in which case I was going to use a dynamic DNS service to give me a ‘permanent’ internet domain name, and then use a DNS redirect to that dynDNS domain. And obviously open the ports

I began my process by opening the ports in the router and trying to test that I could access ports 80/443 in a browser. I was disturbed to see some totally unexpected content. I ran an Nmap port scan of my public IP and saw a number of unrecognised, open ports, which caused some momentary panic. This was weird enough that I started googling; I wish I still knew the keywords I’d used doing that search. Finally I stumbled upon CGNAT, carrier-grade network address translation.

CGNAT – carrier-grade network address translation

CGNAT essentially means that you share your public IP address with other internet users, which is, frankly, totally nuts. Your public IP address is probably the strongest piece of identity information you provide to a remote server, and now it’s being used by a large number of untrusted people. I find this concerning.

Let me give some concrete examples:

  • Public IPs are the ones blacklisted when servers are being attacked; someone else behind the CGNAT router might be dodgy as heck and get your public IP blocked
  • Public IPs are often enough whitelisted by corporate VPNs to ensure that other parties cannot connect – with CGNAT there is a horde of people on your ‘network’

More importantly in this case, it makes hosting a server from home all but impossible: there’s no way to open a port on the CGNAT’s side without significant cooperation from the ISP. It’s a low-grade hack for ISPs to delay the inevitable, costly transition to using IPv6.
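A quick check to run before opening any ports, as an added example that is not part of the original post: compare the WAN address your router reports with the address a remote server sees. It assumes the carrier uses the RFC 6598 shared range 100.64.0.0/10 or private space behind its NAT; the function names and all sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a router's WAN address to spot CGNAT.
# All addresses below are constructed documentation/sample values.

# Dotted-quad IPv4 -> integer on stdout; exit 1 on malformed input.
ip_to_int() (
    case $1 in *.*.*.*.*) exit 1 ;; esac
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# in_cidr ADDR NET/BITS: succeed if ADDR lies inside the network.
in_cidr() (
    ip=$(ip_to_int "$1") || exit 2
    net=$(ip_to_int "${2%/*}") || exit 2
    mask=$(( (4294967295 << (32 - ${2#*/})) & 4294967295 ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
)

# classify_wan WAN_IP PUBLIC_IP
#   WAN_IP    = address shown on the router's WAN/status page
#   PUBLIC_IP = address a remote server sees you coming from
classify_wan() {
    if ! ip_to_int "$1" >/dev/null || ! ip_to_int "$2" >/dev/null; then
        echo invalid; return 1
    fi
    if in_cidr "$1" 100.64.0.0/10; then
        echo cgnat            # RFC 6598 shared address space
    elif in_cidr "$1" 10.0.0.0/8 || in_cidr "$1" 172.16.0.0/12 \
        || in_cidr "$1" 192.168.0.0/16; then
        echo private-nat      # RFC 1918: another NAT sits upstream
    elif [ "$1" != "$2" ]; then
        echo translated       # public-looking WAN, but rewritten upstream
    else
        echo direct           # WAN address is the one the internet sees
    fi
}

classify_wan 100.64.12.34 203.0.113.7   # constructed sample
classify_wan 203.0.113.7  203.0.113.7   # constructed sample
```

Only a `direct` result means a port forward on your own router can be reached from outside; with any other result, a scan of the "public" address is probing the upstream NAT device rather than your router.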

I’ve since changed ISPs to AussieBroadband and have been impressed with the service: they communicate outages fast, have a good quality service and have reasonable pricing around static IP allocations, though they are still to make the jump to supporting IPv6, which some telcos have started to exclusively support (https://www.sidn.nl/en/news-and-blogs/australias-telstra-switches-mobile-users-to-ipv6-only).

I’ve always believed that IPv6 and the end of NAT and port-forwarding is key to having an open, peer-to-peer internet, and CGNAT is another step which takes away our power as internet users, forcing us to use web-services providers such as AWS to host a public-facing service. I’m looking forward to society being able to maintain and use more privately-hosted, decentralised, encrypted applications so I can stop having my data hosted on an untrusted party’s opaque server.

Toyota Hiace H100 Commuter roof racks in 2021

After much searching online for appropriate roof racks for my H100 commuter I decided to go down the DIY route with some help from my father, who had some time available to fabricate some simple parts that were needed.

We decided that the bulk of the problem was to get a decent gutter mount bracket to allow for the 400mm fall needed to clear the roof.

The solution chosen was to purchase some cheap gutter mount brackets like the ones found at https://www.bosscoauto.com.au/set-of-4-universal-gutter-mount-bracket-12.5cm-15c~19249. I believe the set I purchased was very similar to this but only cost $125 delivered.

3x components to make up a gutter mount bracket from the kit. Excuse my crappy anonymising

My father fabricated some extension pieces to extend the length of the short brackets. These were created using pieces of 20x20x3 angle and 65×3 flat bar. The holes were then drilled using a drill press to accommodate the chosen mounting hardware, stainless steel M8 bolts for the extension connections, which were included in the original kit. We used zinc gal M8 bolts for mounting the cross rails.

From there it was just a matter of adding etch primer and paint to protect the surface.

Mockup of the assembly prior to welding the seams

Rail mount. For most setups inverted bolts will be more suitable. The best option may be to weld on a captive bolt post and then bolt from underneath to remove the protruding bolt heads. This setup works okay for me as I’ve only got solar panels on the roof currently, though a bit more storage wouldn’t go astray in the future.

Hope this helps, looking forward to your feedback! If anyone needs any more information I’ll try to make updates. I’ll try to get a bill of materials and costs from my father for the custom parts.

A bad picture of everything in place near Caloundra QLD

Moving files via the terminal

For reasons undisclosed I could not run scp or similar commands, so I had to be a little creative. I came up with this neat and effective solution using gzip and base64.

Grabbing the file (compression)

  1. run: gzip -c [filename] | base64 -w0
  2. copy the text to the clipboard

Pasting the file (decompression)

  1. run: xclip -sel clip -o | base64 --decode | gzip -c -d > filename.txt
  2. voila, filename.txt contains the contents of the remote file!
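The same round trip with an integrity check, as an added example that is not part of the original post: the sender prefixes a SHA-256 digest of the original file, and the receiver refuses to write the output if the paste was truncated or altered. The function names pack_file and unpack_blob are hypothetical, and sha256sum and mktemp are assumed to be available on both machines.

```shell
#!/bin/sh
# Added example: gzip+base64 copy/paste transfer with a digest check.

# Sender: print "<sha256>:<base64 of gzip>" as a single line for copying.
pack_file() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    sum=$(sha256sum < "$1" | cut -d' ' -f1)
    printf '%s:' "$sum"
    # base64 | tr -d '\n' gives the same single line as GNU "base64 -w0"
    gzip -c "$1" | base64 | tr -d '\n'
    echo
}

# Receiver: read the pasted line on stdin and restore it to file $1.
# The output file is only created when the digest matches.
unpack_blob() {
    IFS=: read -r want payload || [ -n "$want" ] || return 1
    tmp=$(mktemp) || return 1
    if printf '%s' "$payload" | base64 -d 2>/dev/null \
            | gzip -dc > "$tmp" 2>/dev/null \
        && [ "$(sha256sum < "$tmp" | cut -d' ' -f1)" = "$want" ]; then
        mv "$tmp" "$1"
    else
        rm -f "$tmp"
        echo "digest mismatch or truncated paste" >&2
        return 1
    fi
}

# Usage (remote):  pack_file notes.txt          then copy the line
# Usage (local):   xclip -sel clip -o | unpack_blob notes.txt
```

Anything moved this way sits in the clipboard and the terminal scrollback in recoverable form, so clear both afterwards if the file is sensitive.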

On using diff

I tried to use diff on two text files today and wanted a side-by-side view which would show me line by line what had changed. Turns out that it can need a little massaging to get the right result.

Options

-y – side by side diff

-a – treat all files as text

-w – ignore all whitespace changes! (good for code)

-d – try hard to find a smaller set of changes

I installed colordiff and used that instead of diff and then piped that to less -R to get the colours.

Final command

colordiff -a -d -w -y left_file.txt right_file.txt | less -R


Affenspinner 9

After very much umming and aaahing I’ve finally picked this project back up. I arrived back in Australia just yesterday morning and that means I’m on leave from work and have some time to spend on this project.

The hardware needs some redesign to allow for simpler construction and extra robustness. I also want to change the microcontroller for a unit with additional external interrupts. The Teensy 3.2 is a familiar and compatible platform and all digital IOs can be used as external interrupts. Also, having a higher MIPS count should be beneficial. The other critical change I propose is to use a set of long PCBs to allow for much simpler construction of the LED sections, easier interconnection between the segments, easier maintenance and higher electrical performance. This design change might also allow me to reduce the overall footprint of the components.

I’ve opted to use the open software KiCAD for my electrical schematic design instead of EAGLE; the free version of EAGLE is quite limiting with its maximum PCB size in the free version of ….

Where the ellipsis is is where I decided to check what the exact size limitation was for the free version of EAGLE. There are 2 pieces of information I discovered during my Google search: EAGLE was bought out by Autodesk! And the limitation for the size is 80cm^2, which is more than adequate for my needs, 26*3 = 78cm^2!

So I’ll use EAGLE as I’ve done in the past; I’m familiar with the software and compatibility is great. I’ve also already created layouts for the Teensy 3.1 board (same as Teensy 3.2)!

I’ll try to publish my first design for the new PCB later this week.

Antisocial media

I was thinking about my social life today and I asked myself, are all of these social networks necessary? Do they suit the lifestyle I want to have? Can I have meaningful social encounters via social media? I’ve been a Facebook user since 2008 and it seemed like a great tool at the beginning to connect with people who were a long way away from me. It’s likely that I did rekindle a few old friendships through Facebook over the years and I’ve certainly had a laugh looking back at some of my silly or proud moments and those of friends and family. However, I often find myself on Facebook looking for news, news about friends and family in order to try to stay up to date with people and groups. I would like to reflect in this post on how I would like to use Facebook in a positive way in 2017 (if at all) and to see if I can rekindle some more traditional kinds of communication.

I, like many other people, find it much easier to stay inside and look at my phone and use that as an excuse for being connected. My father used to always tell me (he still does actually) that I should stop being antisocial and put my phone away. This leads to the question of what is a meaningful social interaction for me? What do I enjoy and value about communication with other people?

What’s good offline, best doing with someone physically near you:

  • Playing games – laughing, physical interaction with others, bizarre game-related sounds, the smell of food, the taste of tea or drinks. It’s a richer experience.
  • Sharing photos – having the phone available to do additional web searching, discussing the content of the photos, making hand gestures, showing related videos on your phone.
  • Planning something – access to many communicative mediums, paper, post-its, whiteboard, voice recording, photos, maps, tools (calculator, rulers), books, ability to access the internet, look at clothing, weighing things, have quiet food breaks.
  • Banter – can be assisted with your phone, photos, silly clothes, accidental slips of the tongue.
  • Sport – you can only really do this offline, enough said.
  • Viewing art – can utilise more senses, attain a complete experience, purchase real works.

What’s good online?

  • Internet gaming, enough said
  • Chatting with friends overseas (it’s better to be able to use your camera)!
  • .. shopping?
  • Research about computer related topics! There’s plenty of good stuff around.
  • Research of unusual/rare topics. The internet is a great forum for obscure information.

These lists are in no way exhaustive, but you might be getting the feeling that I don’t like social media much. Yes, it’s convenient, but it’s just nowhere near a real world interaction. Unfortunately Facebook and the like have become some of our primary platforms for verbal/written communication and event organisation. One serious problem which manifests itself with internet based social mediums is indecisiveness. People believe that they have a lot of choice about what they could/should be doing and this can be a sort of conflict. Perhaps you get invited to a party of a friend in another city who is a long-time acquaintance, and decide not to go to a local gig to make it. You should question yourself here and think, would you have known about it without Facebook? Would you have felt like you missed out if you didn’t hear about it until afterwards? Maybe, but you’d definitely have enjoyed the simplicity of just going to that local gig, talking with/or making some friends. I’d like to approach organisation in more of a traditional way, planning the next meeting at the current one, and making more effort to bring ideas to social activities and trying my best to lock something in there and then. People used to do this, and it worked! I thought I could plan my next visit to the UK to see my family, everyone will know about it, myself included and I could think about what I’ll do during that stay, I could talk to my friends here and see if they have any ideas, etc. Plans should be made concretely when in the presence of others.

I live in Germany and commute to work each day; this means that I spend little time at home and am often tired when I get home. Because I live in Germany the German language is often vital in social interactions and it can be daunting for me to speak it sometimes. All of that said, it was my intention with moving to Germany to attain a good understanding of the language and to be able to use it to a professional level. I would like to get to the stage that I’ve got nothing to do at home and NEED to leave the house to interact with others. This belief leads back to the idea that I like to interact with others and community is important to me. I’ve always dreamt of having a very small home, so cramped that I’m constantly inspired to leave it! A friend once said to me that changing your environment can dramatically change your effectiveness. By altering your environment you can force yourself to make a move in a better direction. I had the idea of moving all of my project related items to a public work space (like a makerspace) called Open Lab. I could remove the desk from my bedroom and add a beanbag or a lounge chair so I can focus myself on reading or playing guitar. How does this relate to social networks? I am simply trying to encourage myself to spend social time with others.

There was a wonderful video going around on Facebook (ironically) a few years ago titled the invention of loneliness (watch it!). The video discussed that humans only really have the capacity to maintain 150 relationships. Quality is being replaced by quantity, as this is the social standard we expect in other aspects of our lives (wealth, possessions, status). Our lack of ability to . The social network offers 3 attractive qualities: we can focus on what we like (hear only what we want to hear), an audience (someone will listen) and the illusion of belonging. This is a paradox as the desire for connection to others is motivated by being isolated from others. The social network locks us into an equilibrium state between actually being connected and desiring social interaction, leaving us lonely.

I hope this has provided some insight into how I’ll change my 2017 and how you can change yours. Thanks for reading.

Affenspinner 8 – Thai ming

Quick HW update

So the HW is finally complete! I’ve installed the IMU also and wired up the I2C data lines. I do have a problem though, as I don’t have a spare external interrupt line on the Teensy to connect the interrupt line from the IMU.

I also finally connected and tested the hall-effect sensor. I also have a number of awesome videos of LED testing with all of the LEDs connected.

Timing!

I can just poll it or just use a fixed frequency or something similar for that purpose. I also connected up the hall-effect sensor and ran a simple test in Arduino code. It seems like I’ll need quite a powerful magnet to detect the field over the distance.

It’s actually about timing. Any kind of active display works on the principle that the display pixels (or whatever) need to be periodically updated to create the effect of motion.

My display needs to be updated constantly as it’s actually moving! This is in fact a fairly unique problem.

Think of a TV: these have the entire image updated X times per second. This number X is chosen such that our minds and eyes will perceive the image as realistically moving.

As you can imagine, with the Affenspinner the display must update faster as the wheel rotational velocity increases. My intention with this post is to figure out if I can pull all of this off.

As the wheel rotates a number of things need to happen:

  • The IMU data needs to be acquired
  • The data needs to be fused with the rotation model data
  • The rotation model needs to be updated
  • The image needs to be buffered (possibly?)
  • The image needs to be actually updated! (regularly)
  • The Hall effect sensor needs to reset the position (integral of velocity) once per cycle.

IMU data capture

The IMU unit I will be using has an onboard DMP (digital motion processor) which I am hoping I can set up to provide me with regular and accurate angular position and/or angular velocity data.

Data fusion

Hopefully I can do the fusion of the Gyro data and the Accelerometer data on the DMP which will take the load off of the main MCU.

The fusion of the data into the observer model, however, will have to be done on the Kinetis MCU side, taking up precious clock ticks.

Rotation model

I propose to run an observer model of the wheel rotation based on the velocity profile seen when cycling. As you may be able to imagine the velocity profile of the wheel and the bicycle will change over the pedal stroke. The problem with this is that this velocity profile will need to be integrated to determine the position at each moment. This position will then determine what the display should actually look like at that time.

Image buffering

I will store all of the images in the program memory and may then buffer the whole of the selected image into the RAM (I’ve only got 8kb). It may also be necessary to buffer the image into another intermediate memory location for faster access.

Image update

Due to the multiplexed nature of the LED setup I’m using I will need to update the LEDs frequently. I can only power 8 LEDs at one time (i.e. one of the cathodes). Meaning that it can’t be ‘always on’. This means I may have many problems with latency, as I didn’t pay much attention to the switching times on the BJTs I’m using.

Hall effect sensor reset

As this is super critical it will most likely have to be done on an external interrupt.

Timing

So the crux of the calculation will be that the device should be operational between speeds of around 20 kph – 50 kph. When the velocity is faster or slower we can shut down some of the tasks.

I think it would be adequate to update the LEDs 2 times in each angle segment.