Yesterday, Today on the Cloudflare Community
Presented by: Tim Cloonan
Originally aired on December 29, 2021 @ 1:30 AM - 2:00 AM EST
A fast paced look at Cloudflare Community activity, a deep dive into the hot issues from yesterday -- and related CommunityTips and tutorials. Featuring an interactive troubleshooting session led by a Community MVP.
Original Airdate: August 7, 2020
English
Transcript (Beta)
Welcome to Yesterday Today on the Cloudflare Community. I'm your host, Tim Cloonan.
If you'd like to know more about the Cloudflare Community, join us every Friday for a new edition of Yesterday Today.
Each week, we start by looking at a summary of our popular topics and site traffic from last week with this Community Day and the Community Traffic Report starting at 10 a.m.
Pacific Time. That's followed by a review of top community issues from last week, the ever informative Using the Community Tip, occasional interviews with community MVPs, Cloudflare employees, and Cloudflare partners.
And every week, we feature In Class with Cloudflare, where we learn a few things from the community and put them into a Yesterday Today Community Tip that you can access.
Turning to the Traffic Report.
Overall, community traffic was down versus the prior week, which with new posts and new topics, both down as well.
Last week, that means basically that fewer people talked about fewer things on the community.
The number of new customers joining the community decreased last week, week over week, but consistently remains up for the year.
For this Community Day last week, the top three searches were for 1020 errors, followed by searches for 525 errors, and finally 1015 errors.
The most popular category for discussion on the community last week was again security, with questions about firewall rules leading the discussion.
You may recall security has been one of our top categories for four out of the last four weeks.
Activity in the security category was again followed by the second most active category of DNS and network, with questions about name servers still holding strong in that category.
Next was the getting started category, with questions about DNS and security settings at the top of the category.
And that leads us to our top story today.
I mentioned last week that for the next several weeks, yesterday, today, we'll talk, we'll have a series of shows that will feature the Raspberry Pi.
And today, we're going to kick off that series of shows. Now, welcome.
I'm so very lucky this week to be joined by Ricardo Mendoza of Pantacor.
Ricardo is joining us from Spain. He's here to talk about Pantacor and 1.1 for families running on Raspberry Pi.
Ricardo, thank you. Welcome to Yesterday Today.
I appreciate you taking the time in the middle of your evening. And welcome.
Thank you. Team, thank you. Thank you for having me, of course. This is fantastic.
I became involved with working with open source, with communities, but working with open source developer communities.
And I've been looking forward to chatting with you all week.
I enjoyed our discussion. We were getting set up and getting ready.
This is one that's near and dear to my heart in terms of the things that we talk about and the things that are of interest to customers in the Cloudflare community.
So, I appreciate it. And I'm fascinated by the work that you've done with OneDot, the connection with Cloudflare.
I mean, we're spanning an ocean and talking from a couple of different continents and kind of talking about the same things.
And it's nice that we were able to be brought together.
But talk to me about how all of this came about. Like, how did we end up talking today?
Right. Well, I mean, so this all came about during the confinement, right?
Early pandemic days. It happened to align with when Cloudflare released that 1.1.1 for families, right?
Which is the product to do sort of automatic DNS filtering, depending on if you want an open network or something protected for kids' usage, for example.
Actually, it came from the company. It is a community project, we call it, really, but it came from one of our employees.
He saw the blog post from your CEO announcing OneDot for families.
And he decided to find an easy way to get that going in his home network to help protect his kids and so on.
Because as kids spend more time at home, they're consuming a lot more content, right?
They're with their tablets or watching Netflix, this kind of thing, right?
So, he said, okay, well, instead of putting it on the main home Wi-Fi, I would like to have a separate Wi-Fi network so I can connect all of my kids' devices to that network.
He had some Raspberry Pis lying around because that's one of the things that we work mostly with in the company.
And he decided to just create a hotspot with one of those.
And through PantaHub, through our APIs, make it configurable to choose which DNS to use, right?
The open one, the malware-blocking one, or the adult-blocking one.
And that quickly became like a pilot project of his own, right?
So, yeah, it was a project to protect his kids, let's say. And it happened at the exact same time when you guys brought out OneDot for families.
That's fantastic.
So, then let's talk about the product, I think. Let's actually kind of look at kind of what's next and what we have and maybe talk to it a little bit in terms of how folks actually begin to use it.
Yeah, sure. So, we basically saw what he was doing and he shared it with management.
And we said, well, this is actually quite interesting.
During pandemic times, it has a potential to have high outreach, right?
Because everybody's facing the same problem, right? They're stuck at home with kids.
Kids are not going to school. And all of a sudden, you're also expected to do remote work, right?
So, you cannot be caring for them all the time.
So, a lot of patterns resolve to given devices, right? So, we said, all right, let's create a website around this so that people can control it for less tech-savvy people, let's say.
So, people can just onboard a Raspberry Pi and get going, right?
With a click-click interface to say block the content or open the content and configure my hotspot with this network name and this password.
So, two or three very simple configuration options, right?
And that's when what we call Panda Hub One was born, right?
One borrowing from the name because it's called like a costing project or something like that, derivative project.
And we made this website, right?
That allows you to set up your Raspberry Pi to download an image and flash it on your Pi and gives you very nice clear instructions on how to do that and just get going, right?
Create your hotspot and connect your kids' devices to it, right?
At the beginning, it was about configuring those Internet filters, making it open or idle content, but it has grown since then a lot more, right?
It has become about bringing even more applications to that party, let's say, because we said, okay, the filters are just one application, right?
There are more things that people can use, right?
So, I'm fascinated by this. It's one of the things, so as you mentioned during the pandemic, everything has changed.
And I'm working from home.
I'm still working with our community. But my use case and how I became enamored with this and quite excited about it is a really fundamental one in that I work with our community.
Folks tell us about sites and they say, I'm having a security issue here.
I have a search issue. I have a DNS configuration question.
And I share this link. And from time to time, the links are ones that you don't necessarily want to click on at work or anywhere.
And so, we ask folks not to share those links.
We comment them so that they don't appear that they're not clickable.
But invariably, you end up stumbling across a link and hitting a link you don't really want to hit.
And that's happened. And what I've been able to do is actually use the malware filter to protect my network.
So, if somebody slips a link in on the community and it's one that I don't want to go to, I don't go to it, which is, I know isn't necessarily, I mean, this isn't the kind of protecting my family, but it's protecting my network, which in kind of a very realistic use case.
So, I'm just, I'm absolutely fascinated by how easy it is. I run this, I run a mixed network of different devices.
So, I have probably five different operating systems represented.
One behaves in a different way. Can you talk to, I mean, talk to how this is better than the options that we have.
Right.
Well, yeah, exactly. I mean, and if you bring kids to that question, you know, the whole point of having a separate Wi-Fi router is exactly that one, right?
Is to have different network segments in your house, right?
Because you don't necessarily want to block everything on the main Wi-Fi network, right?
Or you want to have a little granular degree of control, right?
So, maybe you can set up a Raspberry Pi because these are very inexpensive devices, right?
We're talking about 35 off the shelf, right?
$35. So, you can maybe set up a hotspot for the kids, maybe for the kids gaming devices, right?
You can have another one for the kids room, right?
Where, you know, they have some devices and they're there by themselves.
And so, maybe you can control the way your network works, right? Without having to do a sort of all or nothing situation, right?
Also, being able to change the filtering strategy just with the click of a button is a lot simpler than having to go to your router settings and changing the actual DNS endpoint, right?
And even beyond that, because we're doing it this way, we're using DNS over SSL as well, right?
So, because we have more control over the router, it is secure DNS, right?
Which not all routers support, right? So, you gain a lot of extra benefits, right?
All of your traffic is encrypted, not just the actual content, but also the DNS requests.
This is also using the Cloudflare D proxy for DNS requests and so on.
So, it's using a lot of Cloudflare stuff. But maybe let me show you a little bit of how the website looks.
So, people see how easy it is to get a device going, right?
How to configure it. Let me share a screen here. Let's see. Okay.
Can you see that? I can see. Okay, great. So, this is the website you see when you have no devices installed on the platform.
So, it gives you a little bit of an introduction of what the original idea was, which was basically using 111 for families for the parental controls aspect, right?
Before, we used to have some buttons up here that allow you to do some things.
But the bottom line is, it is relatively straightforward to onboard a Raspberry Pi, right?
So, this is a little Raspberry Pi, right?
You follow three or four short steps. You download an image, either for a Raspberry Pi 3 or 4.
You don't need to sign up, technically, because this will do it all in the context of an anonymous session.
If you don't want to sign up for a PandaHub account to test, right?
We recommend that you sign up for one anyways, because if you want to control it over the long term, it is easier to find your routers if they're associated with your PandaHub account.
Otherwise, you can do it as an anonymous session, and you can always control it from the browser where you installed this thing, right?
So, you can follow your instructions.
You can download the image. You can download the installer for Windows, for Mac, or for Linux, right?
And basically, you know, here's a little GIF that shows you how to flash the image on the SD card, how to put it in, and basically boot your device and get going, right?
In my case, I do have an account where I have some devices set up.
So, we're going to log into that one. This will take us to PandaHub, which is the authentication system in this case.
We're going to grant access to my devices, and once we come back, we get an interface that shows me the Raspberry Pis that I have already installed, right?
You can see one of them is green.
It means it's the only one that I have online at the moment. It is a Raspberry Pi that I'm using at the office as a hotspot, right?
So, over here, you can see the usual suspects.
You can configure the normal things, like the network name you want your Raspberry Pi to have, the password you want to have, frequency and security levels, and then you can get to, over here on the left-hand panel, we have what we call the applications, where the main application is the Internet filters, right, that are provided by 111 for families, right?
When we go there, we have the, you know, the three selections, the three options that we have.
It's the three different DNSs, the one for open browsing, for malware blocking, and for idle content blocking, and you can change between them just with the click of a button, so it's relatively straightforward, right?
If you have any questions, Tim, you know, let me know.
So, I'm fascinated by this. I mean, the corollary that you'd have to do, I would have to go into my router, every one of my devices, I guess, and say, okay, I want 1 .1.1, I want 1.2, 1.3, so I would just that problem, right?
So, now the Raspberry Pi is a hotspot, we leave it running there, and forget about it, and everything is remotely managed through this interface, right?
So, you choose, literally, the 1.1.1, the 1.2, or the 3, and that becomes automatic, right?
And as I said, it actually goes through the security DNS, so it's the endpoints, the family endpoint, and malware, and secure endpoint, and those things, right?
So, there's more to this, however, right? It's not just the 111 for families application, this is how it started, right?
But this has been going on for about a month now, and in that time, the team has got an interest within it, and has decided to add more features, right?
Let's talk about those.
I'm curious as to the direction and where we're going. Sure. So, one of the main things we, second thing we added was the games filter.
We said right away, well, let's, along the same lines of, you know, complicated parental controls on a per-device basis, we said, let's make a sort of on-off kill switch at the edge of the home, so at the actual main router, right?
So, you can turn games on and off on demand, right?
The reason for this is, well, depending on your parenting style, you know, it can be a point of content, right?
But at some point, being able to just press a button instead of having to unplug a device, or say, well, no more for now, right?
If your kid maybe has gone on a, let's say, a little bit of an addiction role with the game, right?
Being able to press a button and just say, well, Fortnite is now blocked, and then the game won't allow the kid to enter a new session, it has a lot of power, because it's the same as we saw before.
Instead of having to go to your router, your parental controls to set every blocking strategy, just press a button, the same happens here, right?
Instead of having to, you know, unplug this device, or do that thing, or enter into a quarrel with your kid, maybe just press a block button, right?
At that point, you know, the game goes off.
So, in every place that my kid is playing Fortnite, every gadget is blocked.
Exactly, right? Because we're doing it at the level of the, what we call the edge of the home, right?
Which is where your ISP connection comes in, let's say.
So, this is your Wi-Fi router that provides, let's say that you connect all of your kid's tablets, and phones, and consoles, and so on, to the kid's gaming Raspberry Pi Wi-Fi hotspot, for example, right?
So, at that point, you have control over these things, right?
You can say, okay, we kill Fortnite, or we, you know, we block malware sites, or phishing sites, on a very straightforward way, just click, click, and you're done, right?
No need to, you know, break your head around it, right?
And as we continue, you know, more things came to the table, we realized that actually Cloudflare has a vast array of applications that make sense, also for home use, right?
A lot of them are targeted right now, either for, well, they're mostly targeted for individual devices, right?
So, setting up some applications on your mobile, or on your desktop, or on your laptop for remote working, and things like that.
So, we said, okay, well, at the end of the day, it's about network tunneling at different levels, right?
Tunneling, DNS controls, and this kind of things. So, we said, let's do that also at the router level, right?
So, the first thing that came to mind was Cloudflare Warp, right?
Which is, of course, I'm sure everybody's familiar with Warp, it's a great application on mobile devices, as well as on the desktop, it allows you to tunnel through the Cloudflare global network, which on the get go, gets you, you know, faster access to sites that are hosted on Cloudflare properties, right?
And as a second degree, well, it gives you privacy and everything, because everything is routed through the Warp network, let's say.
But, you know, it's easy to enable that on my phone, it's just a button.
But if I want to do it for my home, we said, well, you know, let's warp the entire house, right?
Let's warp everything, let's warp the whole network, right?
Why do I have to enable it on every device, right?
So, we brought this here as an application, and as you can see, it's as straightforward as on the phone, right?
I mean, I can turn the thing on, like, for example, my phone right now is connected to this same hotspot, right?
So, I don't know if you can see my phone easily over here, but if I show you here, you can see that the ISP on the speed test application is Movistar, right?
Which is my local ISP here in Spain.
Then I can go ahead and enable Warp, right? So, just as on your phone, Warp will basically set up a wire guard tunnel, right?
That will automatically be configured with Cloudflare to the nearest gateway access point, you know, to the nearest data center that Cloudflare operates in your vicinity.
In my case, there's one here in Madrid, so I get routed through that, right?
If I then open that application again, I should basically, all of the traffic that is going through my phone now is going through the Cloudflare network.
So, you can see that my ISP changes to Cloudflare Warp, right?
So, the same would apply to any other, you know, tablet or phone or laptop that you might be using on the network, right?
So, you know, there's no degradation of speed either, like, I'm still hitting the maximum that my Raspberry Pi was giving me, right?
So, it works quite well, right?
It's literally a drop-in solution. Click, click, and you're warped, right?
Your entire home warps. Fantastic, and Warp is new. Can you, can you, that's, this is, this was not in the...
Yeah, Warp. Well, the Warp, I mean, Warp has been on the side for about a week now.
We've been iterating on it a few times.
Right now, this button is new, you know, showing the interface that is connected is new, and we've been making it a little bit more robust, right?
Sometimes it takes a few seconds to start, but so far, it seems to be very straightforward.
Things are solid, and, you know, you warp your whole, your whole home, and it will be fine.
If you want to get off of it, it's just, again, it's the same thing. I press deactivate it, and that's it, right?
My network is now going directly through the ISP.
And, you know, and last but not least, of course, we said, well, we keep growing all of these applications on a weekly basis, pretty much.
So, we said, instead of having everything here on the left, let's actually, why don't we create a concept of a bit of an app store, right?
Let's create an app store. We said Cloudflare still has a lot more applications that we could bring here that make sense to having the networking segment of your home, right?
You know, instead of having things like access or teams or any of these things that actually facilitate remote working, for example, we could bring those guys here as well, right?
And then do it at the level of the home.
So, all of your laptop, your desktop, whatever, your phone, all those things are going through your enterprise setup, let's say, right?
But, in addition to that, the Raspberry Pi is a massive community, right?
We're talking about a Raspberry Pi here.
So, there's millions of projects out, well, maybe not millions, but tens of thousands of projects, that's for sure, that are made by community members, right?
Things ranging from IoT control, like home assistant for driving your lights, your Philips Hue stuff, you know, like all these kind of things.
There's emulators for consoles, you know, there's different other, like firewalling software, things like this, right?
That are relatively, you know, you have instructions you have to follow, and usually, if you want to install your Raspberry Pi with those things, you can only do that, right?
And if you want to then try a different project, well, then you have to migrate to that project altogether, right?
So, in our world, we said, why don't we make those installable applications that can coexist with each other?
So, I can have my Raspberry Pi with my Wi-Fi hotspot, but maybe at the same time, it's an emulator for a console that I can connect to my screen, and at the same time, it's doing VPN for my whole home, right?
So, you know, we should be expecting more applications showing up on this app store.
Hopefully, it will be up in about a couple of weeks, and I'll keep, we'll keep people updated, of course, right?
Oh, that's fantastic.
So, I am quite intrigued, and we jumped right into this, and I am, I mentioned I'm a big fan of the open source approach, and we talked a little bit about the community around this, but so, this isn't just open source apps.
I'm assuming that at some point, talk to me about the company and the corporate model, and are there other apps that, besides open source, that folks could plug in?
Where do you see this going?
Well, I mean, from the application's point of view, anything goes, you can have private apps, proprietary apps coming here as well.
At the end of the day, the Raspberry Pi as a hotspot becomes an application runtime, right?
Kind of like your phone or your tablet, that's it, right? So, you can have all types of applications.
However, the model in Pandacore, we are an entirely open source company, right?
So, everything that you see here, like the web application itself, for one, to install all of these things, it's completely open source, so you can actually go on.
It's a React application, pure JavaScript, it's a pure front-end application.
So, there is no back-end or crazy magic happening over here at the one level.
This is rather using Pantahub and the set of APIs that Pantahub offers to control the devices.
So, my Raspberry Pis are connected to my Pantahub account, and as such, Pantahub gives this web application access to control those devices, right?
The web application, the only thing that it does is it abstracts away the complexity, right, to configure any one of these applications.
We work a lot with telcos, basically, and telco vendors, specifically in this segment, like home networking, you know, home Wi-Fi routers, and these kind of things, to enable dynamic models like these ones, deploying services and applications at the edge in a much more, you know, versatile and modern way, right?
That's what we do.
Okay, okay. So, this very much fits in with both what you do at a corporate level as well as at the community level.
Where does the community congregate?
Where do folks get together to talk about this? I know there are, you know, the number of Raspberry Pi sites are legion.
Right. Stimulate a conversation. Where do we go?
Right. So, on one side, we consider ourselves for this project to be part of the Raspberry Pi community.
So, however, for one itself, for this application, we have people congregating around a Discord server that we have.
This is the Discord developer server for the ARM community.
It is run by a guy called Robert Wolf.
We will put these links up anyways later on Cloudflare community. We should make a post about this, I think, where we can put those links so people can also see where to find information and have a conversation.
But I would say in the context of the applications that we're using here from Cloudflare, right, it'd be great to have a post in your forums, right?
That would be a first point of contact, right?
As I said, our company is mostly about enterprise services and corporate.
So, we don't really do, we haven't been doing a lot of community stuff.
This is kind of like that main, that first big community project that we're just giving out for free to people to use.
And even though everything is open source, we're pushing this one more for people to contribute, right?
As you can see, this is about adding more applications.
So, whoever has an idea of any application that can come in, let's go for that, right?
Oh, that's fantastic. And, I mean, our community doors are completely open.
We welcome, I mean, contributions, participation, posts.
Making the community aware of these kinds of really cool apps is not only fun, it actually kind of fulfills our community mission, I think.
So, good. So, let's do that on the post. Let's also talk a little bit more about, we have Warp now, and we're going to be doing more apps later on.
What do your telco customers think about this? I mean, you're working with folks that presumably are putting edge routers into ISP data centers, and then you show up with a Raspberry Pi.
What's the comments? What kind of comments do you receive?
Oh, and you froze.
Oh, folks, I think we may have lost Ricardo.
All right.
I'm not sure if we'll get Ricardo back for the end of the show. I'm very, very curious in terms of the direction.
Hi, Ricardo. Perfect. I was just curious in terms of how does this align with the overall corporate direction?
I mean, so, as I said, this is what we mostly do. Our main model is about bringing this same model of applications to Wi-Fi routers.
So, we work with telco vendors that make Wi-Fi equipment and CPEs and set the boxes for the whole, and we make them application-enabled.
That's what we do, and we provide a lot of the infrastructure and all the services that are required to keep this going at scale.
We're talking about millions of Wi-Fi routers being deployed out there, but we're the ones that provide that kind of functionality.
This is fantastic. This is great.
I am quite impressed. Like I say, when I first started looking at this, I was intrigued by the choice of platform.
I was obviously excited about OneDot on there.
Hearing about Warp is just complete music to my ear. That's just fantastic. It's one of the questions that we get frequently on the community is, when can I warp X?
It's always a corner case device. It's something that it's like, yeah, it'd be great to have warp on that, but now it seems like I don't need warp on that.
I can get the advantages of warp from anything, from any one of my devices.
Exactly, and that's the beauty, I think, of that edge of the network that starts.
Well, let's say that the network, the ISP network ends at your home, right?
And at that point, you have your own network, which is your home, right?
So there's a lot that can happen at that edge, right?
And this project showcases that, right? As you were saying, we're warping the whole home, but we can do a lot more things, right?
I mean, especially with those, if you start thinking about remote working and all the possibilities out there nowadays, right?
I mean, because not everybody is given a laptop that is enabled with all of the super enterprise applications for working remotely, right?
So maybe you and I are, right? But perhaps somebody that works at a lamp salesman doesn't, right?
And they're expected all of a sudden to work from home with their own equipment, right?
So making that transition easier without having to have that person go jump through a million hoops, right?
Has a lot of value, right? This is fantastic. So we will get together on posting in the community.
Okay. Will you please come back and share as more apps become available and let's keep the conversation?
Sure. Excellent. We're going to be doing a couple more episodes on Pi over the next few weeks, and we'll be showing gateway running on a Pi.
We're going to be talking about how customer support is using Pis.
I think all of this just fits right in. And thank you. Perfect.
I appreciate you joining us. I appreciate you being here today. And that leads us to our first pro tip for our Pi series, which is there's still time to grab your Pi.
As Ricardo pointed out, you have them laying around. I found three and I just didn't really look.
So you have the Pi laying around, there's time to grab them.
Let's do something with the Pi over the next few weeks. We'll have a lot of different options that we can show.
Ricardo, thank you. And that concludes our episode of Yesterday Today on the Cloudflare community.
I'm Tim Clunan. If you'd like to know more about the community, join us every Friday for a new edition of Yesterday Today.
Have a good day.
Thank you, Tim. Bye.
