[Box-Admins] Squeak.org nameserver stuff

Tobias Pape Das.Linux at gmx.de
Fri Jan 29 07:52:24 UTC 2016


Hi,

On 29.01.2016, at 05:22, Levente Uzonyi <leves at caesar.elte.hu> wrote:

> Hi Tobias,
> 
> On Fri, 29 Jan 2016, Tobias Pape wrote:
> 
>> Dear all,
>> 
>> I ponder using Cloudflare for squeak.org for two reasons:
>> a) Faster site (faster download for files, for example, but website,too)
> 
> Is it slow? If yes, by what measure?

Well, _I've_ got a very fast connection (German DFN)
and the main web site takes 2.5 seconds for its 1.6MB to load[1].

Another example: Downloading the current All-in-One. This a typical 
thing, I think. This 40M file takes around 30 seconds to download
here at University, similar times I hear from a server in the US.

To compare: When I put the file on my own server in Germany,
it takes 8.6 seconds for the US server to download it.

Also, I expect people from south america to have even worse
times. (There is, btw, a LatAm SqueakSource file mirror because
of frequent timeouts). 

If we can delegate global distribution of our files[2] and
their caching, I wouldn't do it myself. They know their stuff.

Also, they have this nifty Always Online feature:

	"If your server goes down, CloudFlare will serve your website's static pages from our cache."

We also won't have to run a DNS server ourselves…


> 
>> b) SSL for free, no hassle.
> 
> We could have a free certificate anytime now that letsencrypt is live.

Yes. But we actually have to manage that. And it is not so easy if you
don't have the environment they want. Also, our software is way too old
to runs smoothly with their stuff.
You can ask Bert for an experience report of letsencrypt.

I myself are all in favour of it, but it is an _increased_ effort compared
to just switching it on.

> 
>> 
>> People have expressed interest in that, and I went forth and
> 
> Who?

- Fabio, who did this exact thing to his website.
- Marcel
- Bert
- Craig also seemed to like it.


> 
>> created everything necessary at clouflare but one thing:
>> 
>> The master dns server entries have to be changed:
>> 
>> 	a.ns.squeak.org -> austin.ns.cloudflare.com
>> 	b.ns.squeak.org -> elsa.ns.cloudflare.com
>> 
>> This has to be changed at the registrar (networksolutions).
>> Currently, as per whois, Dan is owner of the site but I
>> don't know wether he's the one turing the knobs for
>> the domain. If so, we would need him to change those entries,
>> if not, we would have to find out whom to talk to.
> 
> I think Göran might have access to the DNS records.
> 

Ah! I cc him :)

>> 
>> So Iff the board and the admins decide to go for cloudflare we
>> need networksolutions to change the DNS-NS.

> I kinda dislike cloudflare, because if you use it, you'll give all control to them. They also tracks your users, even if you don't want them to, which is also something you are not allowed to do in the EU without the user's consent. The way I understand the law, every site using cloudflare breaks it, because they set the tracking cookie before the user could have a chance to opt-in.

o_O Ok these are valid concerns. 

Let me look.

Cloutflare says they need the cookie to implement their security stuff,
explained here:
	https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-CloudFlare-cfduid-cookie-do-

Therefore, I think they are legal:

	http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm

	However, some cookies are exempt from this requirement. Consent is not required if the cookie is:
		• used for the sole purpose of carrying out the transmission of a communication, and
		• strictly necessary in order for the provider of an information society service explicitly required by the user to provide that service.

I think the first one fits here. They need the cookie to _not_ block you, apparently.


So, I don't want to push this onto anybody. I only think it would help us.
If the general opinion is in disfavor, lets ditch it, otherwise,
let's proceed.

> 
> Levente
> 
>> 
>> We need:
>> 	- a decision
>> 	- (mabye) contact Dan/Squeak.org-networksolutions-contact
>> 
>> Best regards
>> 	-Tobias


Best regards
	-Tobias

[1] Yes, there are different things to consider here, like decreasing size, etc,
but I'm here for the DL speed :)
[2] I am mainly concerned with the website and the file server atm.


More information about the Box-Admins mailing list