Centroid.EU Blog

(this blog is mostly encrypted - adults only)

Previous Page

A second arctic route...

June 8th, 2013

On Greg's cable map there is a second route going through the arctic and it's said to happen in 2014. Remember I had a story about Arctic Fibre here a while ago. While arctic fibre goes along the north-west passage the Polarnet Project goes along the north-east passage and is said to be 190 ms from London-Tokyo. Remember the soundings I took with ping and traceroute and I expect that my route will alternate between arctic fibre and polarnet when I go to hong kong after 2014. I totally envision 280-290ms round-trip latency, it'll be awesome! My Hong Kong VPS rocks yesterday I renewed it for another year until September 2014, which will be just shy of seeing this fibre go into production, if I renew again though it'll rock.


Donation time again

June 7th, 2013

Since I was already doing a few errands, I donated 50 euros to OpenBSD. I also renewed my VPS in Panama for another year (78 euros), and attempted to renew my VPS in Hong Kong, however I had to submit a ticket to them first.

I'm looking forward to using all my VPS setup another year.


OpenBSD Arrived! VLOG entry #3

June 4th, 2013

Finally after ordering it on April 6th, it's here!


Changed the Main Page

June 2nd, 2013

Now that I have a mobile device I noticed how my site sucked on a mobile device. So I made a redirect based on User-Agent string. This was easy to do because the main page is served with PHP. It now redirects to a white page. If you are on a computer and not a mobile device and it redirects you to /mobile.php then this is an error and I'd appreciate it if you would let me know this. Thanks.


Purchased an ipod touch

May 29th, 2013

Yesterday, I purchased an ipod touch. I have several books on IOS programming and intend to write my own apps for it. Also I may be using it for my video blog entries as the camera is about the same quality as my webcam, we'll see.


Goldflipper.net expires today

May 25th, 2013

Goodbye goldy. It was a good 3 years. I do hope I have everything set so that its expiration will not cause problems on my operation. And I have one less domain to worry about.


Panama getting more bandwidth in 2014

May 24th, 2013

This article talks about a new 6000 kilometer cable with landing stations in Panama. As you may or may not know, my host americas.centroid.eu is located in Panama and it's going to be interesting whether I will profit from this or not. The profit would be in stability and reachability.


Added squid proxy to mars

May 24th, 2013

I have added a squid proxy to mars. It is transparent (used with divert-to) rules. Because of the nature of asymmetric routing going on it took me around 45 minutes to isolate where a route was going, and it was getting stuck on my AVM Fritzbox router. I can't really blame them, but laying a static route from mars to Gaia fixed it up. Here is the new network again:

Because the tunnels are MTU 1280 there was some sort of mismatch between mss and fragmenting (which I don't know how well openbsd does it). It turned out to be that Videos being loaded by Gaia would get stuck 10 minutes into the video. I don't even try to figure that out, I placed the squid in the network and it has a more direct route to the AVM Fritzbox which rewrites mss and mtu anyhow becuase it uses PPPoE. The squid fixes all these things and I'm pretty happy.


Alphabetical countup AWK beats Ruby 1.8

May 23th, 2013

Here is the code written by Figz in awk and shell script:


awk 'BEGIN { for (i = 65; i < 91; ++i) { c = sprintf("%c", i);  h[c] = \
h[tolower(c)] =  i - 64 } } { tot = 0; for (i = 1; i <= length(); ++i) \
tot += h[substr($0, i, 1)]; print tot, $0 }' /usr/share/dict/words | \
sort -n

Here is the ruby 1.8 code (took me a long time to get it right):

#!/usr/local/bin/ruby -w

ahash = Hash.new

('a'..'z').each { |a| ahash[a] = ahash[a.upcase] = (a[0] - 96).to_i}

open("/usr/share/dict/words", "r") { |f| f.each {
                count = 0
                (0..w.length - 2).each { 
                                count += ahash[w[c,1]];
                puts "#{count} #{w}"

And here is the timings:

jupiter$ time ./syn.rb | sort -n > blah.2 
    0m5.10s real     0m4.78s user     0m0.06s system
jupiter$ time ./syn.sh > blah.1           
    0m3.45s real     0m3.38s user     0m0.04s system
jupiter$ diff -u blah.1 blah.2

I don't think I can make the ruby any faster...


Move DNS to TCP? Great Idea! Really...

May 22nd, 2013

I was made aware of slides from a talk by Ed Lewis from Neustar. Here they are. While some intention is lost by reading slides, I think what he means to say is that in an ever evil-growing Internet, UDP DNS needs to be replaced. I agree to this and wonder if he's been reading my contribution to Hackepedia regarding amplification attacks. So what's the big deal? The big deal is that people either purposely or innocently leave recursive dns servers on their VPS's and colocated servers. These are amounting to great numbers and can be used for amplification attacks to great bandwidths, as a recent attack on Spamhaus was huge.

As you may know I write a DNS server, and it's not easy, but I have some familiarity with the protocol. What Ed Lewis is saying is true and right. We can't wish the evil people away, we must fix the protocol to keep it from being used for evil. One way to do that is to use TCP. Now TCP is a state- ful protocol, it has a PCB (protocol control block) in the kernel that keeps track of its state. In the past DNS over TCP was restricted to AXFR, and one would not dare mention (taboo) using DNS over TCP for other resource records. Mainly because Operating Systems wouldn't be able to keep up. But it's the 21st century and RAM has gotten cheap. There is lots of RAM for many PCB's and CPU's have also increased in efficiency and speed. So... Why not? I agree something must be done.


Next Page


RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries

Powered by BCHS