- <!DOCTYPE html><head><meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><meta name="keywords" content="GNU, Emacs, Libre Software, Hurd, Guile, Guix" /><meta name="description" content="GNUcode.me is a website focusing on libre software projects, especially the GNU project." /><link type="application/atom+xml" rel="alternate" title="GNUcode.me -- Feed" href="/feed.xml" /><a rel="me" href="https://fosstodon.org/@thegnuguy"></a><link type="text/css" href="css/footer.min.css" rel="stylesheet"></link><link type="text/css" href="css/header.min.css" rel="stylesheet"></link><link type="text/css" href="css/main.min.css" rel="stylesheet"></link><title>Status Update July 2022 — GNUcode.me</title></head><body><header><nav><ul><li><a href="index.html">GNUcode.me</a></li><li><a href="services.html">Services</a></li><li><a href="about.html">About</a></li><li><a href="business-ideas.html">Business-ideas</a></li></ul></nav></header><h1>Status Update July 2022</h1><main><section class="basic-section-padding"><article><h3>by Joshua Branson — August 02, 2022</h3><div><p>So I recently bought a guix system server! It cost me about $250. It’s got 16GB
- of RAM (I can upgrade to 32GB) with a 4TB harddrive. I may play with RAID at
- some point, but that’s a little down the line. If you want some help getting
- something like this for yourself, please contact me. This blog post is my first
- attempt at trying to figure out how to connect <code>copertino</code> to the
- internet. Now on with the blog post!</p><p>So when you are like me, and you start to wonder how the internets work, a good
- thing to learn first is the difference between <strong>WAN</strong> and <strong>LAN</strong>. LAN is your local area
- network. When you are at home, on your computer, you are on your LAN. If your
- computer talks to another computer in your house, then those machines are using
- the LAN. When your computer talks to <code>www.gnu.org</code>, your computer is accessing
- the WAN, which is the wide area network, usually called the internet.</p><p>Computers talk to each other via IP addresses. An IP address is a numerical ID
- that is unique to each computer. Computers use IP addresses as essentially phone
- numbers to reach out and say, “Hey what time are we having this binary number
- crunching date?” What’s interesting is that computers have more than just a phone
- number: they have a phone number, plus several extensions.</p><p>When you call a business, and they say, “Thanks for calling Bank of Scotland.
- Please press 5 to talk to a manager, 4 to talk to a sales person, and 3 to open
- an account. Thanks!” 5, 4, and 3 are extensions. Computers have the same
- thing, on steroids. They call extensions ports, and there are like 50,000+
- ports. Ports are usually set up to be used by specific applications. For
- example, your web browser uses ports 80 and 443 to visit websites.</p><p>Here’s a crazy example.</p><pre><code>ping -c 1 gnu.org</code></pre><pre><code>PING gnu.org (209.51.188.116): 56 data bytes
- 64 bytes from 209.51.188.116: icmp_seq=0 ttl=55 time=39.078 ms
- --- gnu.org ping statistics ---
- 1 packets transmitted, 1 packets received, 0% packet loss
- round-trip min/avg/max/stddev = 39.078/39.078/39.078/0.000 ms</code></pre><p>So, we now know that gnu.org is serving its website on 209.51.188.116. Try
- pasting this into a web browser’s URL bar: 209.51.188.116. You’ll end up at
- savannah.nongnu.org, which is a website that the fabulous people at GNU run.</p><p>Anyway, let’s take a look at your IP address:</p><pre><code>ip address show</code></pre><pre><code>1: lo: &lt;LOOPBACK,MULTICAST,UP,LOWER_UP&gt; mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet 127.0.0.1/8 scope global lo
- valid_lft forever preferred_lft forever
- 2: enp0s25: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
- link/ether 00:1c:25:9a:37:ba brd ff:ff:ff:ff:ff:ff
- inet 192.168.1.122/24 brd 192.168.1.255 scope global dynamic noprefixroute enp0s25
- valid_lft 22986sec preferred_lft 22986sec
- inet6 fe80::36a7:f91e:a1e0:16fe/64 scope link noprefixroute
- valid_lft forever preferred_lft forever
- 3: wlp2s0: &lt;NO-CARRIER,BROADCAST,MULTICAST,UP&gt; mtu 1500 qdisc noqueue state DOWN group default qlen 1000
- link/ether b6:cf:27:17:7c:fc brd ff:ff:ff:ff:ff:ff permaddr e4:ce:8f:59:d6:bf</code></pre><p>Let’s take the above output line by line:</p><pre><code>1: lo: &lt;LOOPBACK,MULTICAST,UP,LOWER_UP&gt; mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
- link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
- inet <strong>127.0.0.1/8</strong> scope global lo
- valid_lft forever preferred_lft forever</code></pre><p>lo is your loopback device, which is fancy talk for “ME”. The bolded
- <strong>127.0.0.1</strong> is a universal alias for “ME”. If you have a website running on
- your computer, typing in 127.0.0.1:80 lets you access that website. 127.0.0.1:80
- means: talk to the computer at address 127.0.0.1 (which is me), and request the
- content on port 80.</p><pre><code>2: <strong>enp0s25</strong>: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
- link/ether 00:1c:25:9a:37:ba brd ff:ff:ff:ff:ff:ff
- <strong>inet</strong> <strong>192.168.1.122/24</strong> brd 192.168.1.255 scope global dynamic noprefixroute enp0s25
- valid_lft 22986sec preferred_lft 22986sec
- <strong>inet6</strong> <strong>fe80::36a7:f91e:a1e0:16fe/64</strong> scope link noprefixroute
- valid_lft forever preferred_lft forever</code></pre><p><strong>enp0s25</strong> is your ethernet device. Anything that begins with an ‘e’ is usually
- an ethernet device. Ethernet is usually the blue cable that you
- plug into your laptop or server. Laptops increasingly do not have ethernet,
- which is sad ’cause ethernet is faster than wifi.</p><p><strong>inet</strong> means IPv4. Remember when I said that computers have IP addresses? Well,
- they have one that looks like <strong>192.168.1.122</strong>. That is the IPv4 address. People
- nowadays have phones, tablets, gaming consoles, smart watches, etc., and each
- needs an IP address. As a result, the IPv4 address space is getting a little
- crowded. So some smart people introduced IPv6, which has many more unique IDs.
- (Keep reading to see an example IPv6 address).</p><p>Unfortunately for me, an IP address of 192.168.number.number is a LAN IP. That
- means I have to be in my house to view my personal website. I cannot
- view that website at work. :(</p><p><strong>inet6</strong> is IPv6. And <strong>fe80::36a7:f91e:a1e0:16fe</strong> is this computer’s IPv6
- address. fe80 is also a LAN IPv6 address. The outside world cannot use that
- address to talk to this local computer.</p><pre><code>3: <strong>wlp2s0</strong>: &lt;NO-CARRIER,BROADCAST,MULTICAST,UP&gt; mtu 1500 qdisc noqueue state DOWN group default qlen 1000
- link/ether b6:cf:27:17:7c:fc brd ff:ff:ff:ff:ff:ff permaddr e4:ce:8f:59:d6:bf</code></pre><p>This is my wifi device. Anything that begins with a ‘w’ is usually a wifi device.</p><pre><code>ip route</code></pre><pre><code>default via 192.168.1.1 dev enp0s25 proto dhcp metric 100
- 192.168.1.0/24 dev enp0s25 proto kernel scope link src 192.168.1.122 metric 100</code></pre><p>The number after <strong>default</strong> is the default gateway. That is my router’s LAN IP
- address. If I type that into a web browser, when I am at home, then I can log
- into my router. Usually your router’s username and password are on a sticker on the
- back of your router.</p><p>Also, it should be possible for me to log into the router and tell it to open up
- ports 80 and 443 (http and https), so that anyone connecting to say
- <code>www.copertino.me</code> would be connecting to my computer only, AND NOT my
- roommates’ laptop. However, an attacker could still potentially break into my
- guix system computer, and attack my roommate’s computer.</p><p>Also, if you decide to play around with customizing your router, I would
- recommend OpenBSD. OpenBSD potentially has some binary blobs for wifi, which is
- why the <a href="https://www.gnu.org/distros/free-distros.en.html">FSF</a> will not endorse it as a free distro, but if you don’t use wifi,
- then there are no software freedom issues. Anyway, I have recently developed
- quite the crush on OpenBSD, and I found this <a href="https://openbsdrouterguide.net/">guide</a>, that helps you use OpenBSD
- for your router. It’s actually quite comprehensive:</p><blockquote><p>In this guide we’re going to take a look at how we can use cheap and “low end”
- hardware to build an amazing OpenBSD router with firewalling capabilities,
- segmented local area networks, DNS with domain blocking, DHCP and more.</p><p>We will use a setup in which the router segments the local area network (LAN)
- into three separate networks, one for the grown-ups in the house, one for the
- children, and one for public facing servers (a DMZ), such as a private web
- server or mail server. We will also look at how we can use DNS to block out ads,
- porn, and other websites on the Internet. The OpenBSD router can also be used on
- small to mid-size offices.</p></blockquote></div></article></section></main><footer><p>© 2020 Joshua Branson. The text on this site is free culture under the Creative Commons Attribution Share-Alike 4.0 International license.</p><p>This website is built with Haunt, a static site generator written in Guile Scheme. Source code is <a href="https://notabug.org/jbranso/gnucode.me">available.</a></p><p>The color theme of this website is based off of the famous <a href="#3f3f3f" target="_blank">zenburn</a> theme.</p></footer></body>
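<p>The LAN-versus-WAN reading of the <code>ip address show</code> output in the post can be done mechanically. The following is an added example, not code from the original post: it parses that output with Python’s standard <code>ipaddress</code> module and labels each address by who can reach it. The function names <code>classify</code>, <code>parse_ip_address_show</code> and <code>wan_reachable</code> are made up for this illustration, and the sample text is a trimmed copy of the post’s output.</p>

```python
import ipaddress
import re

# Trimmed copy of the `ip address show` output quoted in the post.
SAMPLE = """\
1: lo: <LOOPBACK,MULTICAST,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope global lo
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
    inet 192.168.1.122/24 brd 192.168.1.255 scope global dynamic enp0s25
    inet6 fe80::36a7:f91e:a1e0:16fe/64 scope link noprefixroute
3: wlp2s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
"""

IFACE_RE = re.compile(r"^\d+:\s+([^:@\s]+)")   # "2: enp0s25: <...>"
ADDR_RE = re.compile(r"^\s*(inet6?)\s+(\S+)")  # "inet 192.168.1.122/24 ..."


def classify(addr):
    """Label one IPv4/IPv6 address (with or without /prefix) by reachability."""
    ip = ipaddress.ip_interface(addr).ip
    if ip.is_loopback:
        return "loopback"      # 127.0.0.0/8, ::1 -- this machine only
    if ip.is_link_local:       # tested before is_private: fe80::/10 is both
        return "link-local"    # fe80::/10, 169.254.0.0/16 -- same segment only
    if ip.is_private:
        return "private-lan"   # e.g. 192.168.0.0/16 -- behind the router
    if ip.is_global:
        return "global"        # routable from the internet
    return "other"


def parse_ip_address_show(text):
    """Return a list of (interface, family, address, label) tuples."""
    rows, iface = [], None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:                  # a numbered line starts a new interface
            iface = m.group(1)
            continue
        m = ADDR_RE.match(line)
        if m and iface:
            rows.append((iface, m.group(1), m.group(2), classify(m.group(2))))
    return rows


def wan_reachable(rows):
    """Addresses an outside host could connect to without port forwarding."""
    return [r for r in rows if r[3] == "global"]


if __name__ == "__main__":
    for row in parse_ip_address_show(SAMPLE):
        print(*row)
```

<p>On the post’s output <code>wan_reachable</code> returns an empty list, so the only path in from the internet is whatever ports the router is told to forward.</p>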