This article is currently an experimental machine translation and may contain errors. If anything is unclear, please refer to the original Chinese version. I am continuously working to improve the translation.
This is a side entry in the "ISP@Home" series, where things have officially entered meme territory. If some concepts or background feel under-explained, you might want to check out earlier posts in the series first.
Preface
Imagine this scenario: one day, a mysterious figure (or perhaps an LLM) discovers an RCE vulnerability in the mainstream Linux kernel’s network stack. Given how widely Linux is used, this single flaw would instantly put the entire internet on the brink of collapse—every networked host exposed to massive risk.
That’s way too centralized.
So I believe, in a truly decentralized network, everyone should implement their own unique network stack and use it to access the internet. That way, even if one implementation has bugs or vulnerabilities, it won’t bring down the whole network.
Alright, I can’t keep a straight face anymore. Truth is, back when I was learning computer networking at NJU, I had a sudden urge to write my own network stack for fun. Not finding enough chaos in DN42, I decided to take it up a notch and deploy my custom stack onto DN42—and maybe even IANA one day—offering actual services.
DNet
I did write a few blog posts about this project (DNet) back then, though I didn’t keep it up for long: https://github.com/lyc8503/DNet-core
At the time, it more or less achieved the following:
- Creating a TAP device on Linux and sending/receiving Ethernet frames
- Parsing Ethernet frames and handling ARP lookups and responses
- Parsing IPv4 packets and responding to ICMP echo requests
- Sending and receiving UDP packets
Recently, after four years of abandonment, I picked up the project again, patched a few bugs, and slapped together a barely-functional DNS server to serve as the authoritative DNS for my DN42 domain 42420167.xyz.
Now, if you run dig TXT sgp1.dn42.42420167.xyz from any internet-connected machine, you’ll get a DNS response served directly by my hand-rolled network stack:
1 | # dig TXT sgp1.dn42.42420167.xyz |
And if you’re inside DN42, you can directly send anything to this stack via IP 172.20.42.224, for example: ping 172.20.42.224
In my last blog post, I migrated all my VPS instances to NixOS, built with pure vibe coding. But since I don’t actually know Nix, it quickly turned into an unmaintainable mess that randomly breaks during deployment.
After a brief moment of hesitation, I decided to wipe everything and go back to Debian. This time, I’m using pyinfra (Python-based infrastructure tooling): lyc8503/infra.
On Debian, I’m managing all DN42 services with Docker Compose (see here). This allows me to isolate services using Docker’s network namespaces—each container starts in a “clean” environment, avoiding the usual chaos of configuration drift from repeated deployments.
Afterword
Alright, that’s it—this post ends as abruptly as it began. Just a quick showcase of my latest troll project, no deep dive into the code this time.
Lately, I’ve been feeling that DN42 has too few participants. The network’s traffic is mostly just ICMP and BGP—no real applications running, not much room for new shenanigans. Unless I get some new inspiration later on, the DN42 series will probably end here~
This article is licensed under the CC BY-NC-SA 4.0 license.
Author: lyc8503, Article link: https://blog.lyc8503.net/en/post/dn42-2-dnet/
If this article was helpful or interesting to you, consider buy me a coffee¬_¬
Feel free to comment in English below o/