7 Circles

7 Circles now runs it’s own fediverse instances! Check out the new ones in the services list 🙂

7 Circles is expanding to Japan! We are proud to announce a new deployment with address space in Tokyo, Osaka and Aomori!

Members in the region will benefit from being able to utilize a lower latency regional node!

The cohost domain/services have been merged into the 7 Circles domains, cohost is now 7 Circles completely

I’m writing this because the goal of 7 Circles, and by extension CoHost has always been ambiguous. My end goal for my network and it’s services is to be an overlay replacement to the normal internet.

I’m tired of the constant negative feelings and realities of this world, I’m tired of the miserable internet of today, controlled by 3 or 4 companies for everything, and the braindead and careless attitude the majority of the people in the world have surrounding the failures of our society.

So I’m making my own, 7 Circles will eventually, for those allowed to enter be a drop in replacement for the internet and all it’s services, without having to deal with the negativity and hate in the world.

That’s my goal with 7 Circles & cohost

Replace the internet, because nobody else can be asked to fix it.

The old saying goes that if you want something done right, you do it yourself. So I’m doing it myself!

Grab the torch and start this disaster of a world over, because the current one is miserable and can’t be fixed.

Hey all! So I’ve recently redesigned our networks architecture, and figured I’d share as some may find it interesting!

So cohost is a collective operated by the 7 Circles network (cohost and 7 circles are one in the same, cohost is the group, 7 circles is the network) ok got it? great!

The reason I mention the above is the foundations of the cohost network are based in BGP, we use public address space in all our regions and sites, and this meant in the beginning, we didn’t have any tunnels or protection guarding the actual traffic between regional sites. This was fine initially, given everything we host uses encryption anyway. However eventually, the thought came to mind as to why don’t we protect the actual traffic and headers between the sites also!

---

After doing some planning, we decided to use wireguard with an open allowedIPs list to use BGP inside the tunnels, allowing us to use dynamic routing inside the tunnels! The benefit here is traffic going between sites on cohost is now encrypted with the tunnel, in addition to any protection the service already had, be it TLS in-flight, https for web traffic, etc.

Unfortunately I don’t have any cool info on how I got the tunnels up in a mesh, I did this by hand, by generating the keys and loading the tunnels on each of the edge routers for our sites. The new design looks more like the below though!

The new design is using a mesh of wireguard tunnels with BGP sessions to exchange routes between the core sites, meaning the only traffic that could feasibly be seen in open air would be traffic headed outside the 7 Circles network!

Thus completes the current design of the network!