Tag: Amateur Radio

Why still run a VPS ?

Why do I bother run my own Virtual Private Server (VPS)?

I do ask myself why I still bother with running a VPS on IONOS. I no longer have a business to run, so the old web pages are an archive now. I thought old URLs should never die (*).

I am often tempted to shut the VPS down and use email only service providers. They seem to be as expensive, even more than running as VPS that can run the email. I need 50Gb for each email box. Emails are a useful personal archive; ours goes back to 1992.

Running an email server on a VPS can be problematic. Both Google and Microsoft impose their email server monopoly on security grounds. Rarely they have blocked whole swathes of Internet Service Provider’s addresses, with no notice or explanation. I assume just one of the ISP’s customers has been naughty by sending out spam. It can take a day of two to get unblocked from these secret blacklists. I hope I have not jinxed it but the last such episode blocking email was over a year ago. This big-boys IP blocking was never reported by blacklisting sites such as MX toolbox. One needs to avoid getting on any blacklist lists so chose ISP carefully. Set up SPF DMARC DKIM and even DNSEC. All would be quite fiddly if it was not for the likes of PLESK to set up and control your VPS.

Plesk is very expensive when sold as a stand-alone, personal purchase, but cheap when it is part of the ISP VPS package. Always buy with a VPS server with cPanel or Plesk.

What do I still use VPS for?

1. EMAIL The advantage of running an email is you are your own man in the middle, your data is not being mined. You are in control and back up. I spoil the lack of data mining by having my google Gmail account pop read all the incoming emails. Searching of email is so much faster and intelligent with Gmail than directly searching on the server or Outlook. Gmail then is one of the backups. I also backup the entire server and settings to Dropbox. Tight fail2ban rules are essential for email servers and PLESK sets that up easily.

2. A Virtual Private Network VPN when abroad keeping a UK IP address is very useful. To use a VPS as a VPN is a cost saving, as a commercail VPN service can cost as much as a VPS, but you can do more with a VPS. The VPS’s IP is not recognised as a likely VPN address and has never been blocked as being from abroad; the IP address does not belong to any of the major VPN providers. Again, you are not being mined, logged or surveyed with your own. I use Softethervpn on the servers and Raspberry Pis as it is so much easier to set up and can use OpenVPN. Softethervpn even makes a client OpenVPN script to do so. Beware VPNs do not route IPv6 well, so to ensure that seen to be a UK address turn off IPv6 on your PC when abroad.

3. SSH tunnels and reverse tunnels. Some of my projects have no inbound route (say they are on 4g). Using autossh on the remote site will open a port on the server to connect to the remote site to use for anything, including VPN connections. SSH needs care: I change the default port number of SSH, run fail2ban and of certificate only, no password logins are allowed.

4. SOCAT. This is a useful programme if you want to reach the fixed IPv6 address from IPv4. One of my places has no fixed IPv4, no route from the internet (CGNAT) but has IPv6 allocation. Opening IPv6 pinholes on that router I can can access multiple devices from the internet, even using the same port number, at the remote site. Alas, some business networks, hotels and phones are still not routing IPv6. So I need to direct the request to a VPS server port, and the configured SOCAT will read IPv4 and forward on to the remote reachable IPv6 address.

5. Web Server. Setting up web pages. Social media has reduced the need to have a vanity domain and web pages as I set up long ago. For email alone one needs to get a proper a wildcard SSL certificate. You can then use that certificate on any machine (some are RaspberryPis) once using by the same domain or subdomain. Plesk makes setting all this up easier.

6. Frame forwarding. One can set up a subdomain and the point to a port to the server which is connected to a website elsewhere (such as a raspberry Pi) eg https://yell.bulger.co.uk is frame forwarded to a port on the VPS which has been autossh connected by the raspberry Pi in Shetland.

7. Never run TOR on a personal VPS server!


G3WIP

*Old URLs should never die, expect in Australia.  If a business stops trading or reduces to itself such that it no longer has an business number (ABN), then the domain .com.au have to be deleted by the registrar, along with email and contacts.   This is quite nuts.

Junk is stuff in the wrong place

I was back down working in the Falklands in 2020. Behind the house was a yard with local TV tower with assorted radio junk scattered about. I was sure cared for and some is in locked containers, perhaps to be shipped back one day. It belongs to KTV Falklands Digital Channel https://en.wikipedia.org/wiki/KTV_Ltd. Later of course once out of Covid isolation, I met its owner Mario, VP8EME. In such Isolation, with no RS store or Amazon to deliver the next day, he needs to keep stuff.

To any amateur radio operator this would have seemed mouth watering stuff. Rows of parabolic dishes, some with various transponders still attached. Then power supplies, heat sinks, cables.

I suspect the reason for apparent discarding is that there now decent internet here via satellite, 4g mobile phones, a few free TV stations and more if you pay a fee to KTV. So individual dishes are no longer needed. There are issues with the local telecoms monopoly…even bringing down your out Satellite Phone with data is illegal, let alone setting up your own satellite data dish. All about those problems and more is on https://openfalklands.com

Upgrades to the telephone system filled the yard with even more stuff. BAS seems to have left a container here once used for HF coms.

Enough here to build a few antenna towers. Then there coils of fat low loss coax piled up. I assume too expensive to ship any of it back to the UK so it sits here waiting to be used, but I imagine the next project here would bring in new materials. This stuff is the wrong place. I assumed parts would be used and appreciated by many back home.

In memoriam: Looking at some of the old kit I appreciated the work and engineering involved in creating it within the last 30 years. Unless you build a cathedral everything we do is ephemeral. Much of this was so beautifully made with professional screening of parts, solid aluminium casing. A lot of thought and brain power, time and care went into each part, now not used. A graveyard of effort. Some of the boards have rows for Z80 chips which were used until quite recently, even a 555s.

Then I realised that even for hams and electronic enthusiasts little of all this is of use to us nowadays. It’s frankly simpler to write line of code into a computer than it is to make stuff. So we use the internal complexity of millions of transistors in a PC chip to achieve something that could be achieved in “simpler” manner by old school working.

Waveform Old school with op amps and 555 chips

Waveform Generator using Raspberry Pi

But the old school in inflexible. Once made with wires and components it does its one thing. A Raspberry pi is cheap and light. Make an error reformat and start again. Reliable too. I had one doing its thing as router/VPN for over year without a reboot.

Some of this stuff here could be used for interfacing, a PC’s output need to attach to something in the end.

VP8DPD G3WIP