Things I Learned at NYCBSDCon, Day 1

A few quick random things I picked up at day 1 of NYCBSDCon:

  • Scheduled IPv4 depletion date:  119 days.  That’s when the last /8 is issued to a regional NIC.  Many of the remaining IPv4 /8 blocks are “poisoned,” and receive garbage traffic immediately upon announcement.
  • Hudson River Trading is hiring FreeBSD folks.  They gave away 1GB USB key/bottle openers, so they clearly understand the sysadmin mentality.
  • You want to take the BSD Associate Cert as soon as possible.
  • Don’t confuse George with George.  George doesn’t like that.  Fortunately, George doesn’t care, so you’ll only have to worry about George.
  • The “Quest for the Next Generation FreeBSD Installer” is about to claim more developers.  You’d think people would learn.  (Don’t get me wrong, I wish them luck and I hope they succeed, but nobody’s ever had dinner after betting the grocery budget on a new FreeBSD installer.)
  • Jeremy Reed is digging through the original BSD tapes and contacting every person named in the original source code to assemble a comprehensive BSD history.  BSD claims a long history, but Jeremy’s actually trying to document it while the original folks are still with us.  It will eventually be available as a book.  This is probably the most exciting thing I heard today, but then, I’m an academic at heart.
  • And if any BSD folks live near Jason Dixon, he really needs to be dragged out of management.  Forcibly if necessary.  Possibly with methods involving tranquilizer darts, nets, and some sort of radio tags.  If you do this, be sure to post the video footage for the rest of us.

You can get here for tomorrow.  I know you can.

NYCBSDCon is at our throats

NYCBSDCon is this next Friday, Saturday, and Sunday, 12-14 November 2010.  If you’re anywhere near NYC, you need to attend.  If you’re not anywhere near NYC, you need to get to somewhere near NYC, and then attend.

I’ll be speaking on Sunday.  This talk could be subtitled “How I Reduce Suckage in My Books.”  Writing decent tech books is a skill you can learn.  I can honestly say that the slides are done, but the truth is that I still need to reduce slide suckage.  I’ll be reducing suckage up until the moment I present.

fixing ESXi “failed with error N7Vmacore15SystemExceptionE”

An ESXi server failed this morning.  As there’s a couple critical services on this piece of hardware, the power in the new data center isn’t up to where we want it yet, and the radio said it was snowing near the office, I drove in expecting to find some unspeakable power situation.  The power was fine, but the ESXi server was sitting at a panic screen.  Power cycle the machine.  It comes up, but none of the VMs start.  The vSphere client won’t connect.  The server Web page is blank.

Fortunately, tech support mode works.  Hit alt-F1, type unsupported, and enter the root password when asked.  Whenever I tried to connect to the server with vSphere, my “tail -f /var/log/messages” said something like:

Nov  4 23:35:09 Hostd: [2010-11-04 23:35:09.117 25233B90 warning 'Proxysvc Req00011'] 
Error reading from client while waiting for header: 
N7Vmacore15SystemExceptionE(Connection reset by peer)

This is not good.  No, not good at all.  I wanted to spend the day converting a machine from OpenSolaris to FreeBSD and installing my router for my new bandwidth.  Instead Fate has decreed today Wedgie Day.

Mailing list archives and forum posts showed that many people have had this problem.  Lots of the forums end with “did anyone ever solve this?”  A few people reinstalled ESXi to solve the problem.  A couple folks claimed it was a DNS issue.

Our DNS setup hadn’t changed, but I followed the advice and made the following changes.

  • In /etc/hosts, remove the real address for the machine and replace it with 127.0.0.1
  • Remove all DNS servers from /etc/resolv.conf

I rebooted.  The machine came up, and the VMs started.  Everything seems fine, but we’ll have to see what happens later.

I have no idea why this worked.  Three cheers for “occult IT”!  Sigh.

inspiration and winning awards

One of my Clarion classmates, Lucy Snyder, won the 2009 Stoker Award for her poetry collection Chimeric Machines.  I ran into Lucy at World Fantasy 2010, where she told me that one of the poems in this collection was inspired by my short story Opening the Eye in Horror Library volume 2.  (For those of you with a calendar, Lucy saw this story well before it appeared in HLv2.)

I haven’t read poetry since I seriously overdosed in university, but I had to check out CM.  I expected only a tangential similarity, but no… the poem Trepanation clearly included echoes of my story without being in any way derivative.  And the rest of the book is creepy as hell.

My work is not merely inspirational; it inspires people to win awards.  Yes, my inspiration was a tiny tiny sliver of the inspiration in Chimeric Machines, but it’s the closest brush I’ve had with Literary Fame. I’m tickled blue.

So, if you have any flicker of interest in poetry, read Chimeric Machines.  You can get a free sample at Lucy’s CM page.  The sample covers the section “Technica,” wherein she illuminates the appalling aspects of technology.  By happy coincidence, this section includes Trepanation, but I think Tech Support will resonate with a lot of you.  Heck, just read the whole thing, and buy the book.

(PS: I have at least one blog reader who cannot tolerate horror.  You know who you are.  And you’re not permitted to click on ANY of the links in this post.  Thank you.)

asking me for opinions on your writing

Occasionally someone will ask me to read their work and either comment or tell them where they should submit it. Some of these folks I know, some I don’t. It’s flattering to be asked, but my answer is: no.  I could describe my reasoning in great detail, but the inimitable John Scalzi has a far better article than I do.

On rare occasion, I make the mistake of saying “yes, I’ll look at your work.”  One of the following will result.

  1. I will give you my honest opinion of your first page.  You will respond by dedicating the rest of your life to making me miserable.
  2. I will give you the metaphorical equivalent of a pat on the head.
  3. I will say you lack the fire.
  4. I will tell you that publishers require a sentence to have both a noun and a verb, and that you cannot use emoticons in published work.
  5. I will “accidentally” erase your manuscript, your email, and my hard drive, so that I can honestly claim that losing your work was part of a much larger accident.
  6. I will put off looking at your work in favor of paying work or spending time with my family.  I will feel increasingly guilty about this.  I will begin avoiding you.  The importance and difficulty of evaluating your work will grow in my mind until it assumes unbearable proportions.  I will take a week out of my life to evaluate your work thoroughly.  By this time you will have married your third spouse, adopted four feral children and a platypus, and moved to Aruba to fulfill your lifelong dream of being a beachcomber.

Note that none of these result in you getting anything you want.

If you really want to get my opinion, I suggest you either pick a response you like, or roll a die.

nested pf.conf macros

Many of my FreeBSD servers are not behind a firewall.  They sit naked on the Internet, and I protect their services with PF.  I have several “trusted” networks, and want to use them in macros.  Keeping track of several networks in a macro is error-prone, however.  Previously, I used macros like this one:

#lucas_house=10.20.20.0/28
#main_office=192.168.1.0/25
#monitor=17.16.1.1
#boss_house=10.20.30.0/24
mgmt_networks ="{ 10.20.20.0/28, 192.168.1.0/25, 172.16.1.1, 10.20.30.0/24 }"

This meant entering each IP address twice.  Complicated numbers hurt my feeble brain, and the result is errors.  Entering each address multiple times is begging for an error.  I found that you can nest macros, however, with careful placement of single and double quotes.

lucas_house='"10.20.20.0/28"'
main_office='"192.168.1.0/25"'
monitor='"17.16.1.1"'
boss_house='"10.20.30.0/24"'
mgmt_networks ="{" $lucas_house $main_office $monitor $boss_house "}"

Note that each address is in double quotes ("), which are themselves enclosed in single quotes (').  In the mgmt_networks macro, put double quotes around the enclosing brackets. This is in the man page example, but you have to look very closely at it.

I can then allow SSH, SNMP, SIP, etc, from my management networks to the server, and my addresses will be consistent.
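The script below is an added example, not code from the original post: it expands nested macros of the form shown above and checks that every member of a list macro is a well-formed address or prefix, so a mistyped entry is caught before the ruleset is loaded. The names `expand_macros` and `check_list` are hypothetical, and the parser is a simplified model of macro lines only, not PF's real grammar.

```python
import ipaddress
import re

# Constructed sample: the nested-macro lines from the post.
SAMPLE = """\
lucas_house='"10.20.20.0/28"'
main_office='"192.168.1.0/25"'
monitor='"17.16.1.1"'
boss_house='"10.20.30.0/24"'
mgmt_networks ="{" $lucas_house $main_office $monitor $boss_house "}"
"""

# A macro line is name = value; commented-out lines start with '#' and do not match.
MACRO = re.compile(r"^(\w+)\s*=\s*(.+)$")
# One piece of a macro value: 'single-quoted', "double-quoted", or $reference.
PIECE = re.compile(r"""'([^']*)'|"([^"]*)"|\$(\w+)""")

def expand_macros(text):
    """Return {name: expanded value}. Simplified model, not pf's real parser."""
    macros = {}
    for line in text.splitlines():
        m = MACRO.match(line.strip())
        if not m:
            continue
        parts = []
        for single, double, ref in PIECE.findall(m.group(2)):
            if ref and ref not in macros:
                raise KeyError(f"${ref} is used before it is defined")
            parts.append(macros[ref] if ref else single or double)
        macros[m.group(1)] = " ".join(parts)
    return macros

def check_list(text, name):
    """Expand list macro `name`; return (networks, problems)."""
    body = expand_macros(text)[name].strip("{} ").replace(",", " ")
    nets, problems = [], []
    for item in (tok.strip('"') for tok in body.split()):
        try:
            # strict=True rejects prefixes with host bits set, e.g. 10.20.20.5/28
            nets.append(ipaddress.ip_network(item, strict=True))
        except ValueError as exc:
            problems.append(f"{item}: {exc}")
    return nets, problems

if __name__ == "__main__":
    nets, problems = check_list(SAMPLE, "mgmt_networks")
    print("trusted:", ", ".join(map(str, nets)))
    print("problems:", problems or "none")
```

This only catches malformed addresses; `pfctl -nf /etc/pf.conf` parses the file without loading it and remains the authoritative syntax check.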

price points in the kindle/paper war

(Disclosure:  I have a Kindle, and I think it’s fabulous.  My newer books are available on Kindle. I expect that everything I write from now on will also be on Kindle.)

As an author, I think ebooks should be cheaper than paper books.  Ebooks are an inferior product.  Yes, you can get them more quickly, but you don’t actually get a book: you get a license to have a copy of a book attached to your account.  You can’t resell ebooks.  You can’t loan them out. You can’t express your disgust by using them as toilet paper.   Anyone in the IT industry knows the difference between owning a piece of software and licensing it.

When ebooks are more expensive than a hardback, people who have “invested” in an ebook reader become angry.  Amazon has many 1-star reviews of ebooks because the price is above that of a hardcover.  This leads to angry emotional arguments from both sides.  You can see lots of reader arguments on Amazon, and then there’s publishers’ arguments like this one from the SFWA.  But buried in the recent SFWA post are a couple of interesting facts that aren’t getting enough attention:

  • ebook prices are set by the publisher
  • physical book prices are set by Amazon

Amazon specifically dislikes the agency model under which books are sold.  They tried to use a more traditional model, but were forced out of that.  All indications are that Amazon is very unhappy about the agency model.

Amazon discounts their books under a formula known only to Amazon.  One side effect of this is that ebook devotees are angered by the price differences — and they’re getting angry at the publisher, not at Amazon.  And Amazon has previously used paper books as loss leaders.

I cannot say that Amazon is deliberately feeding this anger by choosing to price hardbacks slightly below the publisher’s ebook price.  But they make a point of labeling ebook prices as “set by the publisher,” where they don’t say that hardback prices are “set by Amazon.”  I think it’s fair to say that Amazon is aiming the anger.

And for those folks who say that publishers need to die, preferably soon:  I wholeheartedly disagree.  My books would not be nearly so good without my publisher.

Finally, on a completely different topic, but still about writing:  There’s a popular article kicking around now about reasons to date a writer.  I wanted to do a corrected, realistic version, but thankfully it’s already been done.

More NFA reviews…

I don’t want to do a separate blog post for every review of Network Flow Analysis that comes out.  But it seems that I haven’t posted any for two months now.  If I’m going to batch these, I need to figure out a happy medium, say, every month or so.  Of course, now that the book has been out for a few months, the number of reviews is going to decline rapidly.

But to catch up: there’s been reviews at javaranch, from Henrik Kramshøj, from the Linux Users of Australia,  a few comments in Japanese, from Utah, and the Security and Risk blog.  There’s also a review in the illustrious Dr. Dobbs.  Back in the day, Dr. Dobbs’ was The Source for geek stuff.  A positive review there makes me feel like I have Arrived, that I am Someone of Substance.  Woo for me!

I’d like to thank all the folks who took the time to review NFA.