• The problem that people have been attempting to solve, for years, is the lack of space in the IPv4 address space.

    There are currently more devices attached to the Internet or “the network” than there are addresses in the IPv4 space. This requires address overlap.

    The smallest section of a network is the “subnet”. A subnet can hold anywhere from 2 to over a million devices.

    Consider a small business network. They have three networks, a network that is connected to the Internet, labeled DMZ, a network for the security cameras, labeled CCTV, and the working network, labeled Internal.

    They have a router between the Internal network and the DMZ. There is another router that takes traffic from the DMZ and transfers it to the Internet.

    The CCTV network does not need to ever touch the DMZ network, nor does it really need to touch the Internal network. So they run a completely separate physical network so that CCTV traffic is never available on the Internal or DMZ networks.

    This could become costly. Consider a situation where you need to connect multiple buildings. Maybe some of those buildings can be connected with fiber, but others are using radio links. Radio links are expensive.

    The traffic is low enough that there is no justification for a second radio link. Besides, it is difficult to run two radio links side-by-side.

    The solution that was implemented is the Virtual LAN, or VLAN.

    When you define a VLAN, you set a tag in the Ethernet frame, identifying which VLAN this frame belongs to. Now, we can put all the CCTV traffic on a VLAN and use the same physical network as we use for the Internal network. All is good.

    This isn’t a complete solution. It is possible to configure a network card to listen to a particular VLAN, even if that device isn’t supposed to be on the VLAN. It is also another configuration point which smaller devices might not support.

    As an example, I’ve never found a method to put my cell phone on a particular VLAN. It is likely possible, I’ve just never found it.

    Same with my CCTV cameras. They exist only on the default, untagged, network.

    One of the very nice parts of using a VLAN, is that you can have overlapping address space. I can have 192.168.88.0/24 on the physical network and 192.168.89.0/22 on the same physical network but with a VLAN tag of 87. They are overlapping address spaces, but they do not interfere with each other.

    The solution was to allow an L2 switch port to be tagged. Now, a device which only uses untagged frames can be plugged into a tagged port. All traffic coming from that port will have a VLAN tag added to it. All traffic sent to that port will have the VLAN tag stripped from it.

    This means that a CCTV device sends and receives on the default (no tag) network. It reaches the switch and the packet is now on a VLAN. Another device on the Internal network is also on the same VLAN. That device, a monitoring station, can now see the CCTV footage.

    If a port receives a frame that is tagged, it drops the frame. This keeps VLANs from leaking from their approved segment.

    If there is a need for a port to accept multiple VLANs, it is configured as a trunk.
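
    The port behaviour described above (a device port that adds the tag on the way in and strips it on the way out, drops frames that arrive already tagged, and a trunk that carries several VLANs) can be modelled in a few lines. This is an added example, not code from the original post; the port names, MAC address and sample frame are constructed, VLAN 87 is borrowed from the tag number mentioned earlier, and the trunk is simplified to drop untagged frames.

```python
import struct
from dataclasses import dataclass

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q VLAN tag
CCTV_VLAN = 87        # tag number reused from the post; any 1..4094 works


def add_tag(frame: bytes, vid: int) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vid, frame_without_tag); vid is None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]   # low 12 bits are the VLAN ID


@dataclass
class Port:
    name: str
    mode: str                          # "access" (one VLAN) or "trunk"
    vlan: int = 1                      # VLAN assigned to an access port
    allowed: frozenset = frozenset()   # VLANs a trunk carries

    def ingress(self, frame: bytes):
        """Classify a received frame as (vid, untagged frame), or None if dropped."""
        vid, inner = parse_tag(frame)
        if self.mode == "access":
            # A frame that arrives already tagged is dropped, so the attached
            # device cannot choose its own VLAN.
            return None if vid is not None else (self.vlan, inner)
        # Simplified trunk: tagged frames for allowed VLANs only.
        return (vid, inner) if vid in self.allowed else None

    def egress(self, vid: int, inner: bytes):
        """Return the bytes this port transmits, or None if it stays silent."""
        if self.mode == "access":
            return inner if vid == self.vlan else None    # tag stripped
        return add_tag(inner, vid) if vid in self.allowed else None


class Switch:
    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}

    def forward(self, in_port: str, frame: bytes) -> dict:
        """Flood a frame within its VLAN; return {port name: bytes sent}."""
        classified = self.ports[in_port].ingress(frame)
        if classified is None:
            return {}
        vid, inner = classified
        sent = {n: p.egress(vid, inner) for n, p in self.ports.items() if n != in_port}
        return {n: f for n, f in sent.items() if f is not None}


def build_switch() -> Switch:
    """Constructed topology: camera and monitor on VLAN 87, a desk PC, one trunk."""
    return Switch([
        Port("camera", "access", vlan=CCTV_VLAN),
        Port("monitor", "access", vlan=CCTV_VLAN),
        Port("desk", "access", vlan=1),
        Port("uplink", "trunk", allowed=frozenset({1, CCTV_VLAN})),
    ])


# Constructed sample frame: broadcast destination, made-up source MAC, IPv4 EtherType.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"cctv"

if __name__ == "__main__":
    sw = build_switch()
    for port, frame in [("camera", SAMPLE),
                        ("desk", add_tag(SAMPLE, CCTV_VLAN)),
                        ("uplink", add_tag(SAMPLE, CCTV_VLAN)),
                        ("uplink", add_tag(SAMPLE, 99))]:
        out = sw.forward(port, frame)
        print(f"in {port:7} -> " + (", ".join(
            f"{n}:{parse_tag(f)[0] or 'untagged'}" for n, f in out.items()) or "dropped"))
```

    The second case is the one that matters for isolation: the desk PC sends a frame it tagged for VLAN 87 itself, and the port discards it instead of delivering it to the camera network.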

    Thursday, I attempted to move ceph to an OVN network. This would eliminate the need for a VLAN and would give me a single subnet across multiple physical subnets. It failed.

    Friday, I attempted to put a new L2 switch into place. The good news was that I didn’t need to break my entire network to do the testing.

    The test computer has two NICs. One is connected to the management physical network. The other to the back plane network. I was able to establish a connection to the management port.

    Once there, I could establish that I had full bandwidth to other nodes on the physical network, using the physical subnet. I could even reach multiple subnets using that same interface.

    Then I tried the VLAN. The VLAN failed. There was no network traffic passing through.

    It also looks like they do not have a large enough MTU.

    Conclusion

    I’m still black boxing this thing. It has been a painful trip. I have more than a few more tests to run. It is just overly painful trying to get there.

  • I did not want Jimmy Carter to win. Neither did my parents. When he was elected, we were willing to cheer for him to succeed.

    He didn’t. As much as Biden and Clinton messed up this country, no single President comes close to Jimmy. Most of the mess in the Middle East can be laid directly on him.

    When Clinton was elected, I was unhappy. He did not strike me as a good person for the job. Still, I cheered for my country. I wished him success in bringing good things to our country.

    It turns out that Bill is a morally bankrupt person. The rumors of people taking the “w” key from all the keyboards in the White House? My boss at the time was responsible for replacing all the vandalized keyboards.

    I was extremely disappointed when Biden won the election. Because numbers are a gigantic part of my life, I looked at the numbers and knew that these were questionable numbers. Not that they were proof of cheating, but that they were indications that the event should be audited.

    No court heard any of the Trump challenges on the merits.

    Larry Correia wrote a great article regarding how auditors find fraud, One of these things is not like the other | Monster Hunter Nation (Jan. 5, 2021).

    My issue was how it felt like “they” were out to punish “us” for speaking up.

    Still, I hoped that we would make it through 4 years of Joe without too much damage. We are still here.

    They Want Us to Fail

    An article caught my attention, A Trump judge blocked overtime pay for 4 million workers in TEXAS….

    Having been reading and following court cases, I was interested in what was going on.

    First, Trump appointed the judge. That doesn’t mean the judge was wrong, nor does it mean that the judge acted in a biased way. But they had to hang this on Trump, so “Trump judge”.

    To anyone in Texas that voted Blue and is affected. I am so sorry… To anyone in Texas that voted Red and is affected… Fuck you, you got what you voted for…

    I’m on salary… but I wanted yall to have it. But folks voted for this.

    Trump voters are about to find out the hard way and I will laugh the entire 4 yrs as their broke ass’s get on interviews begging for help!

    The actual ruling? Judge blocks Biden administration’s rule to expand overtime pay for millions

    Sounds to me like it was a judge following the law.

    Conclusion

    They want the economy to tank. They want everybody to be hurting more than we are now.
    They want it out of spite. They are evil and like most evil people, think they are on the side of good.

  • Speak softly and carry a big stick

    Trump might not talk softly, but he does have a big stick.

    While the left is melting down and calling us stupid, Trump announced that he would impose a 25% tariff on Mexico and Canada if certain conditions were not met.

    The opposition party in Canada is yelling at the government to fix it fast, before January 20th.

    The Mexican President turned back a migrant convoy before it reached the US border.

    Turkey Leftovers

    My son made it home from college late Wednesday. So my wife made a turkey for him tonight, to go with the larger turkey we will have for Friendsgiving on Saturday.

    It was nice to have young muscles on call. I had him move the arbor press. I can now recover my table saw and work on some woodworking projects.

    It was pleasant listening to him talk about classes. It was a bit sad that I knew much of the theory of what he was working on/learning.

    He has decided he is going to get an internship to get some hands-on experience to go with his classroom and lab work.

    I’m proud of him.

    Nerding one: OVN networking

    I thought I had a handle on OVN networking. My tests were showing good connectivity. It should have just worked.

    I’ve had trouble wrapping my head around some concepts in OVN. One of them finally clicked, improving my life.

    When you create a logical switch, nothing is connected. You can create logical switch ports which must be attached to a logical switch.

    There are three types of ports I deal with: ports that are connected to virtual interfaces, such as those a VM creates; ports that are attached to logical routers; and ports that are connected to the local network.

    It was my understanding that if I wanted a high availability network, I would need to configure a distributed gateway.

    When I did, I got dropped packets. If I reduced the HA gateway to a single node, no more dropped packets. Also, no HA.

    An article appeared. It indicated that I needed a different logical switch to make everything work.

    The issue was that the DMZ is a logical switch that is a part of the physical network. My logical router is attached to the DMZ, so attached to the physical network.

    What I required was a second router to be that gateway. It exists on the physical network on multiple chassis, but it is connected to the JOIN logical switch, which is stable. This fixed all my issues with that part of the networking.

    Another step in the right direction.

    Nerding two: Moving machines

    The PSU for one set of machines is running near limits. I need to move at least one node to a different PSU.

    The correct method to use is to create a new subnet for the new location, feed it back to the primary router, and start moving from an L2 network to an L3 network.

    The issue is that Ceph wants all the data nodes to reside on the same network. The public side is also one network.

    The fix was in my hands, see above about OVN.

    I would move the OSDs from the physical network to a logical network, and it all would just work. All testing showed it would work.

    I started the process, and it appeared that the OSDs did not like living on two nets at the same time. So I moved to a single network, the new network address range.

    There were still some issues, so I moved all the hosts and the monitors to the new network.

    And lost access to the cluster. It just stopped responding.

    The indicated methods of bringing it back to life failed.

    I ended up having to manually edit about 40 files to restore a working configuration.

    Everything seems to be working now. But it is 0300 and I’ve been fighting this for 5 hours.

    Conclusion

    I hope you had a great Thanksgiving.

    Question of the week

    The Department of Education was created by an act of congress. The President can’t dissolve it with the stroke of a pen. That would require another act of congress.

    What he can do is RIF the heck out of it, reducing the staff to a more manageable level.

    My question for you is: What tasks, if any, should the DOE still perform?

  • This is a special day for me. It has been years since we gathered as a family at my parents’ home for a Thanksgiving feast, but that is a memory I hold dear.

    No, this comes from something my mentor gave me.

    When he was in college, he had many good friends. Friends he kept until his death. When that first Thanksgiving came around, his friends went off to their families, and he went home to his. There was no feast for them. There was no celebration of thanks among those friends.

    They took a look at the calendar and discovered that the second weekend in December would fall on the 10th. They decided to initiate the DEC-10 day.

    This is, of course, a pun. The Digital Equipment Company manufactured the DEC-10 computer. The DEC-10 is the computer they were using. It is the computer which my mentor used to write BASIC for the local schools to use.

    So today, the house is mostly empty, just the wife and I. The children arrive tomorrow. So there is no feast today.

    That happens on Saturday.

    We have Friendsgiving. This happens on the Saturday after Thanksgiving. It is when we have all our friends over to enjoy each other’s company. It is a created family of sorts.

    We will also invite acquaintances that might have had a lonely holiday. Making sure they are welcome too.

    No matter where you are, which side of the political aisle you are on, please slow down, stop, and before you feast, give thanks for all you have.

  • I wanted to share this young man’s post on TikTok with you, because it says a LOT in a small space.

     

    @truscum_tr_nny Trans activists love to fuck EVERYTHING up for transsexuals. Thanks a lot. #Trump2024 #transsexual #Igbtrepublican #republican #conservative #LGBT #transgender #kamala #CapCut ♬ original sound – Nicholas

    So… long story short, Trump is going to stop public taxpayer money (ie Medicare/Medicaid) from paying for transition surgeries. The kid isn’t the least bit upset about that. No, he’s upset over the fact that when gender dysphoria was considered a mental disorder, it was treated as one. That means that necessary care, through a doctor who’d gone to the trouble of having you tested six ways to Sunday, was covered. Just like being diabetic was covered. Or being clinically depressed was covered. Now that “being trans” is a social movement and they’ve removed it as a mental disorder, it’s not covered.

    Now… I’m going to say something that would make the Left clutch its pearls, but y’all might just agree. I believe that gender dysphoria should be reinstated as a mental disorder. So should a few other things, but that’s another post. And then we, and by we I mean We The People, should get off our fucking high horses and stop making mental disorders so shameful for people.

    I have mental disorders. I have Generalized Anxiety Disorder. If you met me, you probably would never know. It’s an invisible disorder, and I’m lucky that it’s well controlled by medication. I don’t hide that I have it, and I often share with others who suffer from anxiety who feel alone or scared. Too many people want to demonize those who have mental disorders, and frankly, it irritates the fuck out of me. Here’s the thing… your body might not produce insulin, so you have to get it in a bottle. My brain over-produces certain chemicals, and I need meds to make it stop. It’s not a shameful thing. It’s just a thing.

  • Much of the noise in the MSM and social media (X) is leftist, attempting to call more than half the country “stupid”.

    “How could you vote for a convicted felon?” ask many. Well, we’ve just seen that case evaporate. It should never have been brought. And as Justice Thomas said, …the Attorney General purported to appoint a private citizen as Special Counsel… A private citizen is not allowed to bring a criminal case.

    Then there was the story about how a company informed their employees that they would not be getting “Holiday Bonuses” because they were going to use their assets/profits to buy foreign made goods before the tariffs start. With the “you are so stupid you voted for this.”

    The latest meltdown has been about Trump slapping a 25% tariff on Canada and Mexico. How this was going to drive up the price of gas, which will drive up the cost of everything.

    Tariffs are the only tax you can avoid

    The People pay for every tax. The government uses many methods to hide the taxes you pay.

    Most people know that they pay income tax. This is pretty simple, take the amount of money you were paid for your labor and give a portion of it to the government, under threat of deadly force. People with guns will take you to jail if you don’t pay.

    When I was living in Maryland, I sent about 37% of my income to the local, state, and federal government.

    I was also sending 5% sales tax to the state for everything I purchased in state.

    But that is just the beginning.

    The state slaps a tax on fuel. This drives up the cost of transportation, which drives up the price of goods, which is a tax I’m paying.

    When people talk about how greedy the oil companies are, consider that taxes make up 14% of the cost of a gallon of gas, while the profits are $0.10 to $0.20 per gallon. Or about 5%. Who is greedy?

    Speaking of greedy, why is it considered greedy to want to keep the money I’ve earned?

    When the left screams “Tax the Rich!” or they want to raise the taxes on the wealthy, they really mean they intend to tax you more.

    If the cost of doing business goes up by 10%, then that cost will be passed on to the consumer.

    If we were to tax the very wealthy, the rich, at 100%, it wouldn’t fund our government’s spending addiction for a full year.

    The left refuses to acknowledge that taxing corporations is actually taxing the people.

    When they talk about the massive profits a corporation sees, most of that goes out to The People who hold stocks. Like those of us with any sort of retirement fund outside social security.

    It reminds me of a mailing that a democrat sent out which showed how horrible Oil Companies were. They got over a billion dollars in a refund, proving they didn’t pay enough. And the average leftist buys into it.

    You’re stupid, tariffs will raise your prices!

    Well… Yes, they will, in the short run. They can also be used to good effect to modify purchasing behaviors and the policies of foreign countries.

    Just a few days after Trump announced he was going to put a 25% tariff in place against Mexico, the Mexican President announced that they were going to be turning the latest migrant caravan back, before it reaches the Mexican border.

    And don’t let the Democrats pull a Jimmy Carter. This is not happening because of Biden, it is happening because of the incoming administration.

    If you maintain a static model, then our prices will go up. But the world is not static. It is dynamic.

    Under a static model, a 100% tax will bring the most amount of money to the government. The truth is that a 100% tax means that people stop working, there is no reason to work if the government takes it all. People adjust the amount they earn to modify their tax liabilities.

    As an example, today I can buy a piece of machinery, made in China, for $1000. The same piece of machinery, made in the USA, will cost me $1500. For a $500 difference, I might choose to buy the made in China version.

    If there is a 25% tariff, then the China machine will cost $1250, or more. Now the cost difference is less, I can decide to buy the American production.

    But that is still an increase in price. Yes.

    What if the American machine was only $1200? If the China machine is $1250, it is a no-brainer to buy American.

    There is another thing that happens, that is there is a reason to manufacture in America.

    The Chinese government subsidizes a great deal of their products to capture market share.

    While the leftists will scream about the evil corporation having a monopoly and driving competition out, they fail to see it from state actors. China uses these subsidies to drive competitors out of business. Sort of like the leftists complaining about Walmart forcing small, local, business to close.

    If American manufacturing can have an honest chance of competing, there will be more product made in the United States. Having more product means that there will be more supply. More supply will drive prices down.

    In the end, my prices might go up. On the other hand, eventually, it is good for the country.

  • Sexual assault is a real thing. It happens, way too often. It is likely underreported. The statistics on sexual assault can’t be trusted due to this.

    In high school, we had to do a mock trial. Because I knew the District Attorney for the area, I spoke to him and asked if he could provide a real case for us to use for the mock trial.

    He gave me a case. I took it to my teacher, and we agreed to use it.

    The case had been redacted before I got it. I then broke it down into what each person would have known and would have seen.

    The students getting the different parts got only their part. Only they knew what they had said and done.

    We went through the mock trial. The “jury” discussed it for a bit, then came back with a not guilty verdict.

    The next day, the District Attorney came to talk to us about the case. He tore us apart. 15 minutes to come to a verdict? This case had been through three trials so far, all ended in a hung jury.

    Why? Because the victim was raped, and the case was a rape trial. Proving rape was extremely difficult. There were enough places in the two stories where it could have been consensual and not rape. There were too many places where it was unclear if a sexual assault had taken place.

    There was too much “she said” vs. “he said”.

    And then he dropped the kicker, if she had gone for assault, the asshole would have been in jail. If she had gone for battery, he would have been in jail.

    There is good reason to believe that most women have been sexually assaulted at some point in their lives. I do not mean a mistaken action, but the real thing. It is a sad state of affairs.

  • Last week it was turkey. This week, I’m sharing my favorite side dishes that I use in a perfect Thanksgiving Feast!

    Mashies

    Mashed potatoes are a definite requirement at any Thanksgiving feast. The easiest way to make delicious mashed potatoes is to cut them into about inch square cubes, and boil them until they’re soft but not yet falling apart. Mash with whatever masher you have on hand, adding in a minimum of a tablespoon of butter per potato in the mix and drizzling in milk or cream (or in my case, oatmilk) as needed to bring them to the right consistency for you. I like my potatoes a little lumpy, but everyone else likes them creamy, so I tend to whip them very fine. Serve them with a slight well in the top, filled with a pad of butter and a sprinkle of salt and pepper. They don’t need anything else!

    Bread Stuffing

    Stuffing is a constant battle in my household. We have several recipes we like, but I’m going to share my Hungarian grandmother’s recipe, because it’s my favorite. This was named “Song Stuffing” by one of my kids, because it contains parsley, sage, rosemary, and thyme… but we adults call it “Heart Attack Stuffing” because of all the yummy fatty goodness inside it. It’s also a great way to get liver into your kids, because they’ll never know it’s there until they’ve fallen in love with it. It’s how my Nagymama got me to eat liver!

  • Sunday was supposed to be the day I migrated a couple of machines. I have a new physical device which is described as a Level 2 switch with SFP+ ports.

    The idea is to replace my small mixed routers, 2 SFP+ ports plus some RJ45 ports, with either an L2 SFP+ only switch or an L3 SFP+ only router. This allows me to move some servers around and to increase the bandwidth from nodes to the backbone.

    The switch arrived with a nice little instruction manual which claims I can find a web interface at 192.168.2.1 while the website claims there is no management interface.

    Plugging it into an Ethernet port with an Ethernet SFP module gives me nothing on 192.168.2.1 and nothing on 192.168.2.x/24 but for my machine. It looks like it is unmanaged.

    This means, it should be a simple plug in replacement for my tiny switch, giving an upgraded data path to the backbone.

    It didn’t work.

    So now I have to do some more testing. I’ll figure this out, one way or another, but it is another bottleneck in my path to full conversion to fiber from copper.

  • My mentor, Mike, used to say “There is always a bottleneck.”

    What he meant by this, was that for any system, there will be a place which limits the throughput. If you can find, and eliminate, that bottleneck, then you can improve the performance of the system. Which will then slam into the next bottleneck.

    Consider this in light of traffic. It is obvious to everybody, because it happens every day, that traffic does a massive slowdown just past the traffic signal where the road goes from four lanes to two. That is the point which we want to optimize.

    The state comes out, evaluates just how bad the bottleneck is. The money people argue, and 15 years later they widen the road.

    They widen the road between the first and second signal. Traffic now clears the first traffic signal with no issues.

    And the backup is now just past the second signal, where the road narrows again.

    We didn’t “solve” the bottleneck, we just moved it.

    With computers, there are many bottlenecks that are kept in balance. How fast can we move data to and from the network, how fast can we move data to and from mass storage, how fast can we move data from memory? These all balance.

    As a concrete example, the speed of memory is not fixed at the speed of the socket. If there are more memory lanes or wider memory lanes, you can move data faster.

    If you have a fast CPU, but it is waiting for data from memory, it doesn’t matter. The CPU has to be balanced against the memory speed.

    My mentor was at a major manufacturer, getting a tour and an introduction to their newest machine. He had an actual application that could also be used for benchmarking. One of the reasons it was a powerful benchmarking tool, was that it was “embarrassingly parallel”.

    In other words, if it had access to 2 CPUs, it would use them both and the process would run twice as fast. 8 CPUs? 8 times as fast. Since the organization he worked for purchased many big computers (two Crays), and he was the go-to guy for evaluating computers, his opinion meant something.

    He ran his code on a two CPU version, found it adequate. Requested to look at the actual designs for the machines. He spent an hour or two poring over the design documents and then said:

    “We want an 8 CPU version of this. That will match the compute (CPU) power to the memory bandwidth.”

    The company wasn’t interested until they understood that the customer would pay for these custom machines.

    Six months later, these 8 custom machines were in the QA bay being tested when another customer came by and inquired about them.

    When they were told they were custom-builds, they pulled rank and took all 8 of them and ordered “many” more.

    What happened, was that my mentor was able to identify the bottleneck. Having identified it, he removed that bottleneck by adding more CPUs. The new bottleneck was no longer the lack of compute power, it was memory access speed.

    The Tight Wire Balancing Act

    I deal with systems of systems. It is one of the things that I was trained in. I.e., actual classes and instruction.

    Most people have no idea of how complex a modern Internet service is. I.e., a website.

    This site is relatively simple. It consists of a pair of load balancers sitting in front of an ingress server. The ingress server runs in a replicated container on a clustered set of container servers. The application has a web service provider that handles assets and delegates execution to an execution engine.

    This runs a framework (WordPress) under PHP. On top of that is layered my custom code.

    The Framework needs access to a database engine. That engine could be unique to just this project, but that is a waste of resources and does not allow for replication. So the DB Engine is a separate system.

    The DB could run as a cluster, but that would slow it down and adds a level of complexity that I’m not interested in supporting.

    The DB is then replicated to two slaves with constant monitoring. If the Master database engine goes offline, the monitors promote one of the slaves to be the new master. It then isolates the old master so it does not think it is the master anymore.

    In addition, the non-promoted slave is pointed at the new master to replicate.

    I wish it was that simple, but the monitors also need to reconfigure the load balancers to direct database traffic to the new master.

    And all of this must be transparent to the website.

    One of the issues I have been having recently, is that in the process of making the systems more reliable, I’ve been breaking them. It sounds stupid, but it happens.

    So one of the balancing acts, is balancing redundancy against complexity, against security.

    As another example, my network is physically secured. I am examining the option of running all my OVN tunnels over IPsec. This would encrypt all traffic. This adds a CPU load. How much will IPsec “cost” on a 10 Gigabit connection?

    Should my database engines be using SSD or rust? Should it be using a shared filesystem, allowing the engine to move to different servers/nodes?

    It is all a balancing act.

    And every decision moves the bottlenecks.

    Some bottlenecks are hard to spot. Is it a slow disk or is it slow SATA links or is it slow network speed?

    Is it the number of disks? Would it be faster to have 3 8TB drives or 2 12TB drives? Or maybe 4 6TB drives? Any more than 4 and there can be issues.

    Are we CPU bound or memory bound? Will we get a speedup if we add more memory?

    Conclusion

    I have so many bottles in the air I can’t count them all. It requires some hard thinking to get all the infrastructure “right”.