Changes in .gov.uk

September 20th, 2024 by

The palace of Westminster where the government lives. Picture by Diliff

This year the back-end system for domain names ending in .gov.uk has migrated from JISC (the organisation that provides connectivity services to Higher Education in the UK) to Nominet (the organisation responsible for nearly all other .uk domains).

This brings a few significant changes for registrars who offer .gov.uk domain names:

  • There are enhanced security requirements for registrars. Nominet requires Cyber Essentials.
  • The wholesale costs have been reduced.
  • Registration periods other than 2 years are now possible.
  • All the processes and procedures are different: some things are now easier, others are harder.

Mythic Beasts were already Nominet members and have now added the ability to register .gov.uk domain names through Nominet. All of our existing .gov.uk domain name customers have been migrated across transparently. We have also applied a price decrease: renewals are now £15+VAT rather than £75+VAT, and new domain registrations have been reduced from £150+VAT for the first two years to £89.50+VAT.

We’re aware that a number of registrars have opted not to continue offering .gov.uk domains due to the procedure changes and security requirements. We are able to accept transfers of .gov.uk domains in, and there is no charge for transferring a domain name to us. We can also accept payment by bank transfer on account which is extremely helpful for government bodies that register .gov.uk domains.

The transfer process is very simple: set up an account at the Mythic Beasts control panel and go to transfer domain in. It will ask you for the authorisation code and we’ll complete the transfer for you.

As of March 2023 there were 3854 .gov.uk domains in use – if every registrar follows our lead that should reduce the government deficit by around £200,000/year.

Mailman list archive link preservation

September 2nd, 2024 by
Trinity College Dublin library

Humankind has been carefully storing past knowledge for a very long time.

At the end of July, Debian 10 (Buster) reached end-of-life, and with it, all mainstream support for Python 2. The Python Software Foundation actually ended support for Python 2 on 1st January 2020, but it’s remained in Debian until now because a small number of important packages depend on it.

One of those packages is Mailman 2, a widely-used mailing list manager.  For various reasons, many projects using Mailman 2 have resisted upgrading to its successor, Mailman 3.  With Debian 10 reaching end-of-life, we’re seeing renewed interest in this migration.

One of the barriers to migrating to Mailman 3 is that the upgrade breaks links to messages in the mailing list archives.  There are links all over the internet to messages in Mailman 2 list archives, and for many projects, breaking these links would be a significant loss.

We’ve recently done some Mailman 2 to 3 migrations, and as part of this, we developed our own solution to preserving archive URLs.  We created a script that trawls Mailman 2 archives and creates a map of old URLs in the Mailman 2 archives to the corresponding URL in the Mailman 3 archives.  This can be used by Apache’s mod_rewrite to generate redirects for the old URLs.   The map can be converted to a DBM file for more efficient lookups.  This is important for archives containing many thousands of URLs.

We’ve made the mailman-archive-mapper script freely available on GitHub.
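
One way to build such a map, as an added example that is not the mailman-archive-mapper script itself. It assumes each pipermail article page carries the message's own Message-ID, percent-encoded, in the In-Reply-To parameter of its reply link, and that HyperKitty is mounted at a hypothetical `/hyperkitty/list` prefix; the list name, paths and sample pages are constructed.

```python
import base64
import hashlib
import re
from urllib.parse import unquote

# Constructed pipermail article fragments, keyed by Mailman 2 archive path.
# Assumption: the article's own Message-ID appears percent-encoded in the
# In-Reply-To parameter of its "mailto:" reply link.
MM2_ARTICLES = {
    "/pipermail/dev/2019-March/000041.html":
        '<LINK REL="made" HREF="mailto:dev%40lists.example.org'
        '?Subject=Re%3A%20release&In-Reply-To=%3C5c8a.1%40mail.example.org%3E">',
    "/pipermail/dev/2019-March/000042.html":
        '<LINK REL="made" HREF="mailto:dev%40lists.example.org'
        '?Subject=Re%3A%20release&In-Reply-To=%3C5c8b.7%40mail.example.org%3E">',
    "/pipermail/dev/2019-April/000043.html":  # page with no Message-ID recorded
        '<LINK REL="made" HREF="mailto:dev%40lists.example.org'
        '?Subject=hello&In-Reply-To=">',
}

REPLY_ID = re.compile(r'In-Reply-To=([^"&>\s]+)', re.IGNORECASE)


def message_id_hash(message_id):
    """Mailman 3 message hash: base32(SHA-1(Message-ID without angle brackets))."""
    mid = message_id.strip()
    if mid.startswith("<") and mid.endswith(">"):
        mid = mid[1:-1]
    digest = hashlib.sha1(mid.encode("utf-8")).digest()
    return base64.b32encode(digest).decode("ascii")


def build_map(articles, list_address, prefix="/hyperkitty/list"):
    """Return (map_lines, skipped_paths) for an Apache 'txt:' RewriteMap."""
    lines, skipped = [], []
    for old_path in sorted(articles):
        match = REPLY_ID.search(articles[old_path])
        mid = unquote(match.group(1)) if match else ""
        # Accept only a single <...> token. Map values end up in Location
        # headers, so anything unexpected is reported, never emitted.
        if not re.fullmatch(r"<[^<>\s]+>", mid):
            skipped.append(old_path)
            continue
        new_path = f"{prefix}/{list_address}/message/{message_id_hash(mid)}/"
        lines.append(f"{old_path} {new_path}")  # RewriteMap format: key value
    return lines, skipped


# Sketch of the Apache side (file path and map name are placeholders):
#   RewriteMap mm2to3 "txt:/etc/apache2/mm2to3.map"
#   RewriteCond ${mm2to3:%{REQUEST_URI}} !^$
#   RewriteRule ^ ${mm2to3:%{REQUEST_URI}} [R=301,L]
# For large archives, convert the text map with httxt2dbm and use "dbm:".

if __name__ == "__main__":
    map_lines, missing = build_map(MM2_ARTICLES, "dev@lists.example.org")
    print("\n".join(map_lines))
    for path in missing:
        print(f"# no Message-ID found, not redirected: {path}")
```

Because the redirect target is only ever taken from the map, a request for a path that is not in the map falls through to normal handling rather than being redirected.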

We offer mailman as a managed application.

 

Multi-coloured bandwidth in an Electromagnetic Field

July 12th, 2024 by
Traceroute from EMF to Google via Mythic Beasts

A satisfying traceroute from EMF out to Google via a private interconnect from Mythic Beasts

Last month we attended Electromagnetic Field as a silver sponsor.  Despite being in a remote field in Herefordshire, the site had amazing connectivity, which we played a small part in providing.

We provided some optics to help get internet around the field and acted as an Internet Transit Provider to uplink the festival through our network.

We had a tour of the network operations centre. Electromagnetic Field leased a single fibre to a telephone exchange in Gloucester and a donated private 40Gbps circuit hauls the traffic back to the London Network Access Point (LONAP). We used private VLANs over LONAP to link to the Mythic Beasts core network routers in Sovereign House and Telehouse and used this to provide our blend of transit providers and peers, including direct access over private fibre to some of the largest cloud providers.

EMF fibre uplink using DWDM

EMF fibre uplink using 4x 10Gbps DWDM with fake BiDi. The MUX is on the top, eight fibre pairs [03-10] are multiplexed into the single 60km fibre to the telephone exchange [01]. Ports 41-48 on the switch all have different coloured handles to indicate the different light colour used by the transceiver

The section from the field in Eastnor to Gloucester uses Dense Wavelength Division Multiplexing, a neat technology that uses multiple different frequencies to carry multiple signals on the same fibre at the same time. Each optical transceiver typically transmits at a specific wavelength on one fibre, and receives on the same wavelength on a second fibre. This is put into a multiplexer which combines the different frequencies from multiple optics into the same fibre and a second multiplexer splits them back out into the component frequencies at the other end, allowing multiple 10Gbps channels to operate over one fibre pair.

Newton’s original diagram from 1704 showing splitting and combining of colours into white light.

By kind permission of the Masters and Fellows of Clare College, Newton’s original diagram for splitting and combining wavelengths with prisms, taken from a first edition of Newton’s Opticks (1704)

We use the same technique to multiply up the bandwidth in our core London network on our leased fibre that interconnects our core London points of presence.

To keep costs down at EMF there isn’t a fibre pair – just a single 60km fibre. The hack to get around this limitation is to use different frequencies in each direction and rely on the fact that the transceivers are frequency-specific for transmitting but not receiving – a transmitter that transmits at 1572.48nm will happily receive at 1572.89nm and vice versa. You can then use eight channels on one fibre as four bi-directional channels.

Around the campsite there were datenklo (a switch in a portaloo) which provided wifi and multiple 1Gbps wired uplinks. Each datenklo had a 10Gbps link back to the network operations centre to provide super-fast connectivity all around the site.

You can read more about some of the awesome things we saw at EMF 2024 in our previous blog post.

Sampling an Electromagnetic Field

June 13th, 2024 by
A Viewdata terminal with the EMF Schedule

We went to Electromagnetic Field 2024 as a silver sponsor. Whilst there we found a lot of fantastic fun things and missed a vast number of others. The really amazing part of the festival was the massive variety of things the participants brought with them. Lock picking and blacksmithing courses were available. Geodesic domes were very popular and courses on how to build them were at the Maths Village. At least one dome integrated with the API from the bar, so the lighting changed colour based on what type of drinks were currently being ordered.

If you thought that ethernet and IP were a bit too modern, there was a fully functioning DECT cordless phone network and you could access the live schedule information over ViewData (Prestel/Minitel).

We missed at least 98% of the talks. Fascinating ones we did see included a comprehensive explanation of the attempt to backdoor ssh with xzutils by Dr Matthew Garrett. Dr Matthew Bothwell gave a guide to Astrophysics for Supervillains covering things like ‘what happens if I crash the moon into the earth?’ (answer: you get a moon). Tim Hunkin of the Secret Life of Machines gave a short history of electric shocks and Ian B Dunne played the theremin and musical saw. Much to our surprise, this was quite listenable.

Sadly the magic smoke came out of the Tesla Coil before the end so we had to make do with fire and lasers in addition to a traditional light show around the DJ area in the Null zone.

But this is a short summary: there was a fantastic kids’ creche, swap shop, night market for created things, crochet, hand built guitars, paper rockets, active satellite tracking, a 5km run, a fully stocked bar, a manual version of flappy bird to play and and and [approximately 100,000 further words cut to keep this post merely far beyond reasonable]

The now notorious swap shop gets a special mention. Not only did it have extremely dangerous materials like Linux install CDs from the late 1990s that may permanently corrupt young minds but some things that are rather harder to get hold of.

Warning sign from the swap shop asking not to drop off radioactive sources.

When we saw the warning sign we had to find out what incident motivated the creation.

It has a direct entry on Wikipedia and is going to cause a lot of festivals to have to update their terms and conditions to prohibit bringing radioactive materials to the site. Fortunately an attendee was familiar with safe disposal procedure and quickly removed the offending sources.

The last and arguably best thing at Electromagnetic Field was an incredibly secretive project, the Great Camp Hexpansion Question (GCHQ.net). This was a series of locations (mostly, but not all static) where you could plug the quest markers into the official badge which would record you’d found them. A cross between a scavenger hunt and a technology preview, it encouraged wandering and looking around the whole camp to find many cool things that were tucked away.

GCHQ location

GCHQ location marker

We asked the organisers if this was an official GCHQ sanctioned project. They said no. But that’s what you’d expect GCHQ to say.

Out standing in two fields

May 20th, 2024 by

Fibre internet, in a field

Keen to build on our previous success at being outstanding in a field, for 2024 we’ve set ourselves a tough new target of being out standing in two completely different fields.

The Cambridge Beer Festival is being held this week on Jesus Green in Cambridge. A beer festival is pretty easy to organise: you need some virtual servers to handle the website and tickets, fibre to the field to give fast reliable connectivity for verifying tickets and accepting contactless payments, and perhaps satellite backup just in case someone digs through the primary fibre.

There are also some other minor logistical requirements like a large quantity of beer, wine, mead, cider and other drinks, a very large marquee to keep it in,  a very large refrigeration system to keep the beer at cellar temperature, a huge cheese stall, a small army of volunteers and a makeshift road system to avoid damaging the park.

Mythic Beasts are providing the virtual servers and the internet transit to keep it all functioning.

Two weeks later, many of our staff are going to Electromagnetic Field. This is a camping festival with power and high speed internet to every tent, good beer and all kinds of amazing installations and demonstrations. In addition to being silver sponsors of the event, Mythic Beasts also donate internet transit and have sent a few sets of bidirectional fibre optics to carry traffic around the site.

If you’re going to be at either event, do come and say hello.  If you don’t know what we look like, drop an email to support or message us on social.mythic-beasts.com.

Electromagnetic Field 2024 sponsorship

May 1st, 2024 by

Electromagnetic Field Logo

We’re pleased to announce that we are silver sponsors of this year’s Electromagnetic Field festival.  As in previous years, we will also continue to support the event with free transit.  EMF is a long weekend camping in a field where people who are really very interested in things will tell you about the things that really interest them. There’s talks, demos, art installations and workshops on all kinds of creative things. In addition to camping, everyone gets power and high speed internet to their tent. Rumour has it there is also a bar.

Previous years have had an exceptionally wide variety of talks on a huge number of different subjects. The list of talks from the last festival in 2022 is long, but includes things as wild as:

  • Ship vs Oil Rig
  • The imitation game – using live data feeds from Network Rail to control a model railway
  • Building a home-made enigma machine

We’re not giving a talk this year as we didn’t come up with a good idea in time. For 2026 we’ve already rejected the following presentation titles:

  • I’ve got 99 problems and HEX ain’t one.
  • D. E. P. R. E. C. I. 8. The importance of correct accounting policies delivered through the medium of Aretha Franklin covers.
  • As a large language model I can’t assist with that. It’s illegal, unethical, and against my guidelines.

We’re looking forward to meeting up with lots of interesting people at EMF2024.

HEX-it complete

April 29th, 2024 by
Equinix invites you to celebrate international data centre day

We elected not to celebrate with Equinix

In March 2004 we moved all three of our servers into a single rack in the 6/7 Harbour Exchange data centre, operated at the time by Redbus.  The data centre has changed hands several times, and merged with the building next door to become what is now Equinix LD8. We’ve been continuously present for 20 years and 1 month. Normally moving out of a data centre is a difficult, expensive and time consuming operation that is best avoided, but Equinix offered us terms that made doing so make sense. In September 2023 we opened our new core point of presence in Telehouse South.

We’re happy to report this project is now complete and our footprint in Equinix LD8 is now reduced to an optical-only point of presence forwarding 10Gbps waves to our core site at City Lifeline.

Our new space in Telehouse South offers a considerable upgrade over what we could offer in LD8. All servers now have remotely switchable dual power feeds and dual 10Gbps uplinks. We are able to offer cross-connects to anywhere in the Telehouse London campus and 10Gbps wavelengths back to our other sites. We already have some new colocation customers taking advantage of these additional services. We still include serial for out-of-band server management.

During this move, we live migrated our virtual server cloud to hosts in either City Lifeline or Sovereign House. Apart from a few special cases supporting very old virtual servers or ones with BGP transit services, this was done without interruption to the client. Dedicated servers and colocation customers moved in a series of windows to minimise downtime while the servers were relocated.

We brought on additional network capacity as part of the move including 10Gbps and 100Gbps links to transit providers and private peers within the Telehouse London campus. This provides a significant upgrade in connected external capacity.

It’s always DNS (why domain transfers suck)

April 3rd, 2024 by

It’s a popular meme that all mysterious internet problems are caused by issues with the Domain Name System (DNS). Like most memes, it gets over-used, but when it comes to transferring a domain between providers, the intricacies of DNS create some very real problems.

To make things easier, we’ve just rolled out a new feature to our DNS management system that allows you to fetch records from your old provider’s nameservers prior to transferring the DNS for your domain to us.

Screenshot of "fetch live records" control panel function.

Why is this needed?

This functionality can help achieve a seamless transfer of your hosting, by working around an annoying feature of the DNS system.

DNS is the system that converts internet names (like “www.mythic-beasts.com”) into IP addresses (like “93.93.129.174”) that can be used to locate the server for a particular service. This conversion is done by nameservers, and each domain has its own nameservers, usually provided by your hosting provider.

Graphic showing a client querying a nameserver for "www.mythic-beasts.com" and getting the answer.

When you transfer the hosting for your domain between providers, you’ll need to update your DNS records to point at your new web and email servers, but you will also typically change from using your old provider’s nameservers to your new provider’s.

The simple way to transfer your domain is to do these two things in one go.  Your old provider’s nameservers direct traffic for your domain at your old web and email servers, your new provider’s nameservers direct traffic at your new hosting service, so just change the nameservers for your domain from your old provider’s to your new provider’s and you’re done, right?

Graphic showing a client querying nameservers for "www.example.com" and getting a different answer before and after transferring the domain to Mythic Beasts.

This approach works, but it’s not ideal for domains that are in active use because of the delays created by caching.

Caching and TTL

One of the things that makes DNS so confusing is caching. When you look up a name, you’re told to remember the answer for a set period of time. IP addresses don’t change very often, so looking up a name every single time you need it would generate a lot of unnecessary traffic, and slow things down.

Graphic of client querying a nameserver for "www.mythic-beasts.com" and getting the answer and the instruction to "remember this for 1 hour".

All DNS records have a “Time To Live” (“TTL”). This is the number of seconds that you’re allowed to remember it for before you have to do a new lookup to see if it’s changed. In the past, TTLs were usually set to hours, days or even a week. As the Internet has become faster, the overhead of DNS lookups has become less of a problem, and TTLs of one hour or a few minutes are now common.

Although caching helps improve performance in normal use, it creates a problem when you need to make changes. When you make a change to the DNS records for your domain, it won’t be picked up immediately by all users, because some people will have the old value cached.

If you know you’re going to need to change a DNS record, you can lower the TTL in advance (for example to 60 seconds), and then, when you come to change the record, all users will pick up the change very quickly.

If you’re planning to change hosting provider, it makes sense to lower the TTL on your DNS records in advance, so that when you come to make the change, all traffic is switched from the old provider to the new provider quickly.

Changing nameservers

When you have your own domain, you need to have some nameservers to answer DNS queries. As described above, when you transfer the hosting for your domain, you will typically also switch from using your old provider’s nameservers to your new provider’s.

The domain name system keeps a record of which nameservers provide the DNS for each domain. For example, DNS for mythic-beasts.com is provided by our nameservers (ns1.mythic-beasts.com and ns2.mythic-beasts.com). The problem is that these records are also subject to caching and usually have a fixed TTL of 48 hours.

Graphic showing a client querying the ".com registry nameserver" for the "example.com" nameservers, and being given the answer, and an instruction to remember it for "2 days". Followed by a query for "www.example.com", with the answer and an instruction to "remember this for one minute".

This means that even if you set a low TTL for your own records, when you change the nameservers for a domain, you have a two day period when queries for your domain might still end up at your old nameservers. If your old and new servers are serving different records, users will get a mix of different answers.

The trick to achieving a clean switch between hosting providers is to separate the move from your old provider’s nameservers to your new provider’s from changing the individual DNS records that control who provides your web and email hosting. In other words, get the old and new nameservers serving exactly the same records, so that during the 48 hour nameserver changeover period, it doesn’t matter which nameserver answers the query. Once that changeover is complete, you can switch your web and email hosting by updating low-TTL records.

Our new fetch live records feature makes it easier to copy the records from your old provider’s nameservers to ours, so that you can do a seamless nameserver handover before migrating your web and email hosting. Unfortunately, this tool can only check for commonly used records because there’s no reliable way to get a complete list. The best solution is to get an export of your current DNS records from your current provider, and use our import function, but many providers don’t have an export feature in their systems.
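
A pre-changeover check for the approach described above, as an added example that is not part of the original post or of Mythic Beasts' tooling: it compares what the old and new nameservers answer for the same names, and lists records whose TTL would slow the later hosting switch. The input is constructed text in `dig +noall +answer` layout so it runs offline; the names, addresses and the 300 second threshold are assumptions.

```python
from collections import defaultdict

# Constructed answers in `dig +noall +answer` layout: name TTL class type rdata.
OLD_NS = """\
example.com.       3600 IN A     192.0.2.10
www.example.com.   3600 IN CNAME example.com.
example.com.       3600 IN MX    10 mail.example.com.
mail.example.com.  3600 IN A     192.0.2.25
example.com.       3600 IN TXT   "v=spf1 mx -all"
"""
NEW_NS = """\
example.com.       60 IN A     192.0.2.10
www.example.com.   60 IN CNAME EXAMPLE.com.
example.com.       60 IN MX    10 mail.example.com.
mail.example.com.  60 IN A     198.51.100.25
"""

PROVIDER_SPECIFIC = {"NS", "SOA"}              # expected to differ between providers
HOSTNAME_RDATA = {"CNAME", "MX", "NS", "PTR"}  # rdata compared case-insensitively


def parse_answers(text):
    """Return ({(name, type): {rdata, ...}}, {(name, type): highest TTL seen})."""
    rrsets, ttls = defaultdict(set), {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith(";"):
            continue  # blank lines and dig comments
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        key = (name.lower(), rtype.upper())
        rdata = rdata.strip()
        if key[1] in HOSTNAME_RDATA:
            rdata = " ".join(rdata.lower().split())
        rrsets[key].add(rdata)
        ttls[key] = max(ttls.get(key, 0), int(ttl))
    return dict(rrsets), ttls


def compare(old_text, new_text, max_ttl=300):
    """Return (findings, slow): record differences and record sets above max_ttl."""
    old, old_ttl = parse_answers(old_text)
    new, new_ttl = parse_answers(new_text)
    findings, slow = [], []
    for key in sorted(set(old) | set(new)):
        if key[1] in PROVIDER_SPECIFIC:
            continue
        if key not in new:
            findings.append(("missing-on-new",) + key)
        elif key not in old:
            findings.append(("extra-on-new",) + key)
        elif old[key] != new[key]:
            findings.append(("mismatch",) + key)
        # Either server may answer during the changeover, so use the higher TTL.
        if max(old_ttl.get(key, 0), new_ttl.get(key, 0)) > max_ttl:
            slow.append(key)
    return findings, slow


if __name__ == "__main__":
    differences, slow_records = compare(OLD_NS, NEW_NS)
    for kind, name, rtype in differences:
        print(f"{kind:15} {name} {rtype}")
    for name, rtype in slow_records:
        print(f"ttl-above-300   {name} {rtype}")
```

In the constructed data the new nameserver is missing the SPF TXT record and has a different address for the mail host, so mail handling would depend on which nameserver answered during the changeover. Any `missing-on-new` or `mismatch` finding should be resolved before the nameservers are changed.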

This stuff is hard – we’re here to help

Domain transfers, and DNS in general, are difficult and confusing. For many of our customers, changing providers is a once-per-decade thing, whereas we deal with domain transfers every single day.

We’re working hard to build tools that make the process easier, but our support team is always on hand to provide personalised help.

Green hosting

March 25th, 2024 by

Mythic Beasts is now a verified Green Hosting Provider according to the Green Web Foundation.

Green Web check for mythic-beasts.com

We’ve demonstrated to the Green Web Foundation that all our UK and EU data centres buy as much renewable electricity as they use. This hasn’t changed our operations; internally we met this requirement in 2018. What’s changed is that we’ve now provided all the documentation to meet the certification standards of the Green Web Foundation.

Of course this isn’t quite the same as saying that all the electricity we use comes from renewable power. Ultimately, the electrical energy from a wind farm isn’t tagged to flow directly to the data centres we use and there is also no requirement that the electricity is bought at exactly the same time it is used. Similarly, the data centres have fossil-fueled generator backup which means small amounts of fossil energy are still used.

That said, we do believe that this is an important and useful step in the right direction. By getting verified under this scheme we, and the 429 other verified companies, apply pressure on the data centre suppliers to buy and use renewable energy which strongly encourages the marketplace to build more renewable generation.

Some of our data centre providers are very large well-resourced companies and they place very large long term orders for renewable power. This means renewable power providers can secure funding to build out renewable power generation. When they want to build a data centre, they also have to fund the building of an equivalent amount of renewable generation to power it.

Mastodon security update

February 2nd, 2024 by

Yesterday, the following not-so-subtle notice appeared on the admin interface of all Mastodon instances:

The Mastodon team announced on Monday that this release was coming, so we were ready for it:

Details of the vulnerability are still limited, but from what we do know it sounds serious (“Remote account takeover”).

All our managed Mastodon instances were safely patched just over an hour after the new packages dropped. One instance gave us a bit of trouble, as the new version appeared to tickle a bug in Elasticsearch causing ES to consume all CPU on the server. After we eventually pinned down the cause, it was resolved by an upgrade of Elasticsearch. Turns out the ES upgrade didn’t fix it, and we’re still working with our customer to get this resolved.

Managed open source hosting

Open source software such as Mastodon, GitLab and Nextcloud can offer a great alternative to the lock-in associated with proprietary cloud equivalents, but the effort associated with hosting them can be significant: backups, monitoring, security patching, and the investigation and debugging required when a supposedly innocuous software upgrade leaves your CPU usage wedged at 100%.

Our managed open source hosting provides the best of both worlds: the convenience of a “cloud” solution, but without the lock-in. Your data is yours, and if you don’t like our service you can take your data and host it somewhere else (although we’re confident you won’t want to). And because there’s no lock-in, you get straightforward pricing based on the resources you’re using, rather than loss-leaders followed by price hikes once you’re hooked.

Read more about our managed hosting, or drop us an email at for more information.