On Greg's cable map there is a second
route going through the arctic and it's said to happen in 2014. Remember
I had a story about Arctic Fibre here
a while ago. While arctic fibre goes along the north-west passage the
Polarnet Project
goes along the north-east passage and is said to be 190 ms from London-Tokyo.
Remember the soundings I took with ping and traceroute and I expect that my route will
alternate between arctic fibre and polarnet when I go to hong kong after 2014.
I totally envision 280-290ms round-trip latency, it'll be awesome! My
Hong Kong VPS rocks yesterday I renewed it for another year until September
2014, which will be just shy of seeing this fibre go into production, if I
renew again though it'll rock.
Since I was already doing a few errands, I donated 50 euros to OpenBSD. I
also renewed my VPS in Panama for another year (78 euros), and attempted
to renew my VPS in Hong Kong, however I had to submit a ticket to them first.
I'm looking forward to using all my VPS setup another year.
Now that I have a mobile device I noticed how my site sucked on a mobile
device. So I made a redirect based on User-Agent string. This was easy
to do because the main page is served with PHP. It now redirects to a
white page. If you are on a computer and not a mobile device and it
redirects you to /mobile.php then this is an error and I'd appreciate
it if you would let me know this. Thanks.
Yesterday, I purchased an ipod touch. I have several books on IOS programming
and intend to write my own apps for it. Also I may be using it for my
video blog entries as the camera is about the same quality as my webcam,
we'll see.
Goodbye goldy. It was a good 3 years. I do hope I have everything set so
that its expiration will not cause problems on my operation. And I have
one less domain to worry about.
This article talks about a new 6000 kilometer cable with landing stations in
Panama. As you may or may not know, my host americas.centroid.eu is located
in Panama and it's going to be interesting whether I will profit from this or
not. The profit would be in stability and reachability.
I have added a squid proxy to mars. It is transparent (used with divert-to)
rules. Because of the nature of asymmetric routing going on it took me around
45 minutes to isolate where a route was going, and it was getting stuck on
my AVM Fritzbox router. I can't really blame them, but laying a static route
from mars to Gaia fixed it up. Here is the new network again:
Because the tunnels are MTU 1280 there was some sort of mismatch between
mss and fragmenting (which I don't know how well openbsd does it). It
turned out to be that Videos being loaded by Gaia would get stuck 10 minutes
into the video. I don't even try to figure that out, I placed the squid in
the network and it has a more direct route to the AVM Fritzbox which rewrites
mss and mtu anyhow becuase it uses PPPoE. The squid fixes all these things
and I'm pretty happy.
Here is the code written by Figz in awk and shell script:
#!/bin/sh
awk 'BEGIN { for (i = 65; i < 91; ++i) { c = sprintf("%c", i); h[c] = \
h[tolower(c)] = i - 64 } } { tot = 0; for (i = 1; i <= length(); ++i) \
tot += h[substr($0, i, 1)]; print tot, $0 }' /usr/share/dict/words | \
sort -n
Here is the ruby 1.8 code (took me a long time to get it right):
jupiter$ time ./syn.rb | sort -n > blah.2
0m5.10s real 0m4.78s user 0m0.06s system
jupiter$ time ./syn.sh > blah.1
0m3.45s real 0m3.38s user 0m0.04s system
jupiter$ diff -u blah.1 blah.2
I was made aware of slides from a talk by Ed Lewis from Neustar.
Here they are.
While some intention is lost by reading slides, I think what he means to say
is that in an ever evil-growing Internet, UDP DNS needs to be replaced.
I agree to this and wonder if he's been reading my contribution to
Hackepedia
regarding amplification attacks. So what's the big deal? The big deal is
that people either purposely or innocently leave recursive dns servers on
their VPS's and colocated servers. These are amounting to great numbers and
can be used for amplification attacks to great bandwidths, as a recent attack
on Spamhaus was huge.
As you may know I write a DNS server, and it's not easy, but I have some
familiarity with the protocol. What Ed Lewis is saying is true and right.
We can't wish the evil people away, we must fix the protocol to keep it from
being used for evil. One way to do that is to use TCP. Now TCP is a state-
ful protocol, it has a PCB (protocol control block) in the kernel that keeps
track of its state. In the past DNS over TCP was restricted to AXFR, and
one would not dare mention (taboo) using DNS over TCP for other resource
records. Mainly because Operating Systems wouldn't be able to keep up. But
it's the 21st century and RAM has gotten cheap. There is lots of RAM for
many PCB's and CPU's have also increased in efficiency and speed. So...
Why not? I agree something must be done.
Click here for RSS