stjet/hedgeblog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

neat post

Browse Source
This commit is contained in:
stjet
2025-12-13 03:01:18 +00:00
parent fc88372bfb
commit 3fb00e2661
5 changed files with 66 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
posts/dns_server_misadventures.md
View File

@@ -123,7 +123,7 @@ Great! Except... no. There is a huge IPv4 address shortage (only 4 billion of th
The usual solution to this is to have Cloudflare manage the DNS and proxy requests to you. They will do this for free. It's quite nice, but ultimately this is something that depends on the generosity of Cloudflare, and cannot be counted on forever. Plus, it is quite unhealthy for large swaths of the internet to depend on just Cloudflare, and letting Cloudflare snoop on all the traffic isn't great. Even encrypted traffic has valuable metadata. Cloudflare also provides a service for those who can't (or don't want to) open ports, called Cloudflare Tunnel (thank you, Cloudflare). But again, this depends on the generosity of Cloudflare, allows them to snoop, and understandably has limitations if doing anything out of the ordinary. For example, if I wanted to host a web server at the domain prussia.ban (`.ban` not being a "real" [ICANN] TLD), publically accessible to anyone who uses my DoH server, I'd need a IPv4/IPv6 address, there is just no way around it. Cloudflare won't work for these non-existent domains, understandably. So, to self-host (or host on a VPS without paying for a IPv4 address), the only free choice is basically to use Cloudflare.
For an intranet, where everyone is on the same network, this isn't too bad of an issue, since people who are in control of the router can just use the internal 192.168.* IPs. No need to worry about security/privacy, or pay for a IPv4/IPv6 address. Oh, except Firefox refuses to accept 192.168.* A records, probably for security reasons? 127.0.0.1 does seem to work, though... So it would have to be painfully proxied through 127.0.0.1. Argh!
For an intranet, where everyone is on the same network, this isn't too bad of an issue, since people who are in control of the router can just use the internal 192.168.\* IPs. No need to worry about security/privacy, or pay for a IPv4/IPv6 address. Oh, except Firefox refuses to accept 192.168.\* A records, probably for security reasons? 127.0.0.1 does seem to work, though... So it would have to be painfully proxied through 127.0.0.1. Argh!
This is terrible! Terrible! Webhosting should be accessible to anyone with an internet connection and some sort of computing device, without being forced to rely on the generosity of some mega-corp.