Best of NetworkingJanuary 2026

  1. 1
    Article
    Avatar of 9ylom8zbxaa1guwby6gdqmouthtapedguy·19w

    How the Iranian government blocked the internet throughout the country

    A technical analysis examines the methods and infrastructure used by the Iranian government to implement nationwide internet blocking, detailing the technical mechanisms behind state-level network censorship.

  2. 2
    Article
    Avatar of cloudflareCloudflare·19w

    What came first: the CNAME or the A record?

    A routine memory optimization to Cloudflare's 1.1.1.1 resolver accidentally changed the order of CNAME records in DNS responses, breaking resolution for clients like glibc's getaddrinfo and causing Cisco switches to reboot. The incident revealed that while RFC 1034 uses the word "preface" to suggest CNAMEs should appear first, it lacks normative language (MUST/SHOULD) making the requirement ambiguous. Some DNS clients use sequential parsing that expects CNAMEs before A records, while others search the entire answer set. Cloudflare reverted the change and proposed an Internet-Draft to formally clarify CNAME ordering requirements in DNS responses.

  3. 3
    Article
    Avatar of selfhstselfh.st·17w

    Self-Host Weekly #155: One Hundred Million

    This weekly newsletter covers Docker management tools, highlighting Dockhand's growing popularity despite initial skepticism. The selfh.st icons project reached 100 million monthly requests. Featured content includes Scanopy for network visualization, a new comic format (libbbf), Snikket's Android redesign, and Raspberry Pi's flash drive. Multiple video tutorials cover Docker management, file sharing, and VPN alternatives.

  4. 4
    Article
    Avatar of supabaseSupabase·17w

    Supabase PrivateLink is now available

    Supabase PrivateLink enables database connections through AWS private networks without public internet exposure. Using AWS VPC Lattice, it allows applications to connect to Supabase databases as if they're inside your own VPC. This addresses compliance requirements for regulated industries and reduces attack surface by eliminating public endpoints. Currently in Beta, it supports AWS VPCs in the same region, covers Postgres and PgBouncer connections (but not other Supabase services), and requires Team or Enterprise plans. Setup involves sharing AWS account details, accepting resource shares, creating VPC endpoints, and updating connection strings.

  5. 5
    Article
    Avatar of tailscaleTailscale·20w

    Mendix Cloud Connect powered by Tailscale, now in public beta

    Mendix Cloud Connect powered by Tailscale is now in public beta, enabling Mendix customers to securely connect cloud-hosted applications to private infrastructure without exposing systems to the public internet. The integration creates dedicated, isolated Tailscale networks with peer-to-peer connections and automatic encrypted routing through DERP relays when needed. This eliminates the need for complex VPN setups, provides zero-trust security by default, and is fully managed by Mendix at no additional cost during the beta period.

  6. 6
    Video
    Avatar of linuxcastThe Linux Cast·18w

    Self Hosting in 2026 | Is It Still Worth It?

    Self-hosting becomes worthwhile when replacing multiple paid services rather than just one. The initial setup requires significant learning (Docker, networking, security) and patience, as benefits only materialize after building out your infrastructure. Hardware costs are minimal with used equipment, but the real investment is time and willingness to learn. Starting small with one service and expanding gradually is recommended, though the process can take 1-2 years before reaching a point where you can fully replace commercial alternatives like Spotify or Google services.

  7. 7
    Article
    Avatar of isovalentIsovalent·18w

    What Is Kubernetes Networking?

    Kubernetes networking enables communication between pods, services, nodes, and external resources through a flat network structure where each pod receives its own IP address. The Container Network Interface (CNI) manages pod networking, IP assignment, and routing without requiring network address translation for internal traffic. Core principles include unique pod IPs, direct pod-to-pod communication across nodes, shared network namespaces within pods, and Services that provide stable virtual IPs for load balancing. Network Policies control traffic flow between pods for security. CNI plugins like Cilium use eBPF for high-performance routing and enhanced observability, replacing traditional iptables-based approaches.

  8. 8
    Article
    Avatar of hackadayHackaday·17w

    SSH Over USB On A Raspberry Pi

    Raspberry Pi OS now includes a package for SSH over USB using gadget mode, simplifying headless Pi setup. The rpi-usb-gadget package allows a Raspberry Pi to present itself as a network adapter when plugged into a host machine via USB, enabling direct SSH access without Wi-Fi configuration. The feature can be enabled through Raspberry Pi Imager, though Windows users need an additional driver for Internet Connection Sharing. This approach eliminates common headless setup frustrations like Wi-Fi configuration issues.

  9. 9
    Article
    Avatar of bytebytegoByteByteGo·16w

    EP200: HTTP/2 over TCP vs HTTP/3 over QUIC

    HTTP/3 solves TCP head-of-line blocking by moving multiplexing from the application layer into the transport layer using QUIC over UDP. While HTTP/2 multiplexes streams over a single TCP connection (causing all streams to block when one packet is lost), HTTP/3 gives each stream independent ordering and recovery. The newsletter also covers Cursor's agentic coding system using MoE, speculative decoding, and context compaction for 4× speed improvements; Git's internal architecture with blobs, trees, commits, and tags stored in the .git directory; NAT's port mapping mechanism for sharing public IPs; and building computer vision apps with Ring APIs.

See all Networking archives