Slovenian ISP T-2.net also violates local network neutrality laws here by requiring customers to pay extra to unblock some special TCP ports, like 25 and 53, meaning they block self-hosting email and DNS servers without additional payment. I filed a complaint to the national regulator AKOS. They first responded by agreeing with me, but nothing was fixed for many months, and upon emailing the regulator again, I received a different response from another employee claiming that charging more for unblocking special applications is legal (it's not).
Another T-2 customer here. I never ran into issues with port blocking (but didn't try 25/53), even more, I had a "free" static IPv4 on DSL before we got the fiber line, but I've lately been noticing random connection slowdowns. Never had significant slowdowns with DSL.
I've talked to a few people (Telemach customers) who told me it happens every now and then, they call the support center that tells them to restart the modem (even if they'd done it before) and then the connection magically works at full speed again.
Could it just be that it all goes through Telekom Slovenije who does some weird load balancing? Definitely worth an investigation, but ZPS might be a better address for this than AKOS.
> The subscriber undertakes that, after being connected to the provider's network, they:
> ...
> * will not set up servers at their location, except where an appropriate agreement has been concluded with the provider,
> ...
It states that customers are bound not to set up servers on their internet connection point without prior approval by the ISP. It sounds against the law to forbid this, albeit IANAL.
Calling this "paying to unlock ports" is disingenuous. I'm also a T-2 customer and have run into this before. They block ports on dynamic IPs, but if you pay +2€/mo for static, this is unlocked. This seems reasonable. If you're not paying for static IPv4, you're paying for "internet access", whether that's a rarely changing dynamic IPv4, a constantly changing IPv4 or full CGNAT.
Would you also say your mobile phone operator is violating net neutrality by putting you behind CGNAT that you can't forward arbitrary ports through? You can pay a bunch of money to get a private APN and get public IPv4 addresses. Would you call that an unblock fee?
I don't know about that law, but GP's point was that you don't get a public IP anyway, firewall or not. And with this NAT in place, you can't ask them to forward specific ports to your equipment.
In France, CG-NAT is getting widespread even for fixed, FTTH links. I'm typing this connected to SFR, which provides a static IPv6 /56, but IPv4 is behind CG-NAT. I can't host anything on IPv4. I think there's an option to get a fixed, internet routable address, but not on the "discount" plan I'm on. I hear you maybe can ask support to get you out of CG-NAT, but that doesn't seem very reliable.
Free (local ISP), by default, doesn't give a static IP for fiber, but you can ask for one for free through your online account page (you just need to tick a box).
> They block ports on dynamic IPs, but if you pay +2€/mo for static, this is unlocked. This seems reasonable.
Why does that seem reasonable to you? Why should dynamic IPs not be able to receive incoming connections? It costs them nothing to let those packets through.
> disingenuous
Bad.
> Would you also say your mobile phone operator is violating net neutrality by putting you behind CGNAT that you can't forward arbitrary ports through?
CGNAT is pretty awful, but at least there's a reason for connections to fail.
But sure, if I had control I would mandate that CGNAT lets you forward ports. Maybe you don't always control the external port, but there shouldn't be any other compromises.
> You can pay a bunch of money to get a private APN and get public IPv4 addresses. Would you call that an unblock fee?
That's a workaround to get a different connection, not an unblock, so no.
Firstly, dynamic IPs are quickly reused, so if one customer gets an IP onto a bunch of firewall blocklists because they were operating services that got exploited (like an open relay for spam, email backscatter generator, DNS that was used for amplification, SMB that hosted on-click executable Windows malware...), this means some random unrelated customer will now have problems with their internet connection. After a while, you could poison a large chunk of the pool, then they have to not just deal with you, but also a bunch of other angry customers as well as beg all the firewall vendors to unblock those IPs.
If you get static, you keep that IP for a while. You suffer the consequences of your bad setup, you have to deal with FW vendors and after you leave, the IP will be offline for long enough that it will probably "cool off".
And secondly, while I don't like it, we need to keep in mind net neutrality was not written for selfhosters. It was written so an ISP can't zero-rate their own streaming service, or block their competitors. It was about internet access, not internet participation. The overwhelming majority of people are not and don't care to be "on" the internet, they want to "access" things that are on the internet. That's why NAT is still everywhere.
Define quickly? My modem stays attached on the same IP for months at a time.
> so if one customer get an IP onto a bunch of firewall blocklists
That can happen anyway! Most of those are based on outgoing connections!
> a bunch of other angry customers as well as beg all the firewall vendors to unblock those IPs
Does this happen today on the huge number of ISPs that let you open ports on a dynamic IP? I'm not aware of it.
> we need to keep in mind net neutrality was not written for selfhosters
Well I'm not really focused on the idea of net neutrality, just whether it's reasonable to make customers unconnectable, and I say it's not reasonable.
There are no sane and legitimate reasons for running an SMTP server on a residential connection. Even most server providers will block it unless you give them some very good reasons.
There is no such thing. A connection to the internet should be equal to any other connection to the internet, modulo BGP peering. No one has a right to dictate what services I run or don't run, what protocols I speak or don't speak, what traffic I accept or deny, but *me*. That's the whole point of being on the internet rather than Prodigy or Compuserve or something.
The physical location of that connection is irrelevant. Maybe I feel my servers are safer in a datacenter. Maybe I feel they're safer in my basement. In my case, it is very much the latter, and again, you don't get to make that call. I do.
> A connection to the internet should be equal to any other connection to the internet
It's not your connection. It's your ISP's. They are also their IPs.
> No one has a right to dictate what services I run or don't run, what protocols I speak or don't speak, what traffic I accept or deny, but me. That's the whole point of being on the internet rather than Prodigy or Compuserve or something.
Then become your own ISP. Get an ASN (easy), acquire your own IPv4 and IPv6 space (also easy, but v4 is expensive), get a commercial connection that'll allow for BGP, and go ahead, do whatever you want with your IP addresses.
> The physical location of that connection is irrelevant.
It's not about the physical location, it's about whose IP addresses you are using. If they are not yours, the service provider has every right to restrict what you do with them.
I'm not sure you read the OP's comment in full. They are talking about inbound traffic from the Internet. It's certainly a lot more common a case to self-host an MX than running an open DNS resolver or authoritative name server.
You may be surprised to learn that there are many types of botnets out there, and many use DNS queries for the C&C.
Although the GP wrote "53/tcp" that is a weird situation, because most (not all) DNS is over UDP.
One day I suddenly found my DNS resolver logs were very active with veritable gibberish. And it seems that my router had been pwned and joined some sort of nefarious botnet.
I only found this out because I was using NextDNS at the time, and my router's own resolver was pointed there, and NextDNS was keeping meticulous, detailed logs of every query.
So I nipped it in the bud, by determining which device it was, by ruling out other devices, and by replacing the infected demon router with a safe one.
But yeah, if your 53/udp or 25/tcp is open, you can pretty much expect to join a botnet of the DNS or SMTP-spam varieties.
That's none of the business of my ISP to care about. If a botnet abuses my connection to send excessive traffic, that's going to be limited by the bandwidth limit I'm paying for.
Restricting ports also doesn't mitigate it, as a port scanner can easily find out I'm running this or that vulnerable server software on a non-standard port.
It's none of the ISP's business to restrict the ports I should be using.
Our network router in our radio station started acting crazy at 22:00:40 Europe/Ljubljana time. Uptime monitoring via HTTPS reported downtime for 5 minutes, but our radio archive that records audio over LiveWire recorded some bitcrushing effects for 5 minutes. Maybe our Mikrotik hEX was flipping some bits? Recording from the radio archive: https://splet.4a.si./dir/solar.mp3
*Gemini Tech Tip #624:* Boost your Wi‑Fi and spiritual resilience by wrapping your router in aluminum foil! Protect against solar flares, reptilian packet theft, and basic physics. Turn it into a family craft: make and decorate foil router cozies and matching foil hats, then browse Reddit and/or the park, seeking fellow shiny‑headed believers.
It's really a stretch for the article to suggest their gear might not have supported fractional bpm. MIDI itself has always supported it and analog sequencers before that support it even easier. Not to mention external clock sync has been a thing for decades.
do you mean single database? it'd be quite hard if not impossible to make applications using a single table (no relations). reddit did it though, they have a huge table of "things" iirc.
> Next, we've got more than just two tables. The quote/paraphrase doesn't make it clear, but we've got two tables per thing. That means Accounts have an "account_thing" and an "account_data" table, Subreddits have a "subreddit_thing" and "subreddit_data" table, etc.
And the important lesson from that is the k/v-like aspect of it. That the "schema" is horizontal (is that a thing?) and not column-based. But I actually only read it on their blog IIRC and never even got the full details - that there's still a third ID column. Thanks for the link.
I doubt it. "hacker news" spelled lowercase? comma after "beauty"? missing "in" after "it's"? i doubt an LLM would make such syntax mistakes. it's just good writing, that's also possible these days.
Expanded Security Maintenance for Applications is not enabled.
0 updates can be applied immediately.
108 additional security updates can be applied with ESM Apps.
Learn more about enabling ESM Apps service at https://ubuntu.com/esm
every time I log in. Or
> You do not have a valid subscription for this server. Please visit www.proxmox.com to get a list of available options.
Ubuntu broke new ground when it came out but around the time they switched to the Gnome desktop, they stopped focusing on a great desktop experience and it was surpassed by other, better distributions. I'd recommend trying Linux Mint instead as it has all the greatness of Linux without the crap from Canonical (eg. SNAPs).
I haven't recommended Ubuntu to anyone for years but there are still people recommending it because it was great years ago and they don't seem to know it's now lagging other distributions.
That’s if you run an OS version older than 5 years. You can still update to a newer Ubuntu version for free and get another 5 years if you pick an LTS version.
There's no option to disable the transition too (not even when hovering the tabs, which is very common). At first I liked how they used a grid and transitioned every cell - it's very info dense - but without being able to pause it becomes useless.
I had to keep clicking and waiting for the animation to end to keep reading.
By the time I read everything and pressed the back button only to be greeted by another hacker news page I felt like I just went back in time 10 years to a more pleasant era.