I went to the shopping centre today (Garden City, in Upper Mt Gravatt) with my seven-year-old son. On the way there we were discussing the various things we might do there, foremost among them was eating (he seems to be inordinately interested in food at the moment; I suspect a growth spurt). After finding somewhere to park and finding our way from the car to the shops, we resumed the where-will-we-go conversation. We decided that the main purpose of the shopping trip was to get something for Mummy for Mothers’ Day, but we did agree it was okay to do a little bit of looking at things for ourselves. I was explaining the concept of “window shopping” to him when he suddenly said “or we could go to the library.”

I managed to choke back my reflex response of “The LIBRARY?!?” and instead managed something a little more fatherly. “But Mummy has the library card, I don’t have one,” I had to say, thinking he wanted to borrow.

“That’s okay,” he said, “we can just go and look at the books and maybe read one and then we could have some lunch.”

Which is exactly what we did. My seven-year-old son took me to the library. We looked through the books, found one that he liked which he read aloud, and then left and had sushi for lunch. I was definitely proud but at the same time stunned that a visit to the library was as interesting a prospect as anything else the shopping centre had to offer — especially since the library is immediately next door to a Toys-R-Us!

So what has this to do with Borders?

I was a little disappointed, but not too surprised, when the local Borders franchise announced it had entered administration. All of the Australian Borders stores that have touched me in some way, including the Brisbane City and Mt Gravatt stores, are to be closed. The hammer is even going to fall on the Jam Factory store in South Yarra, the first Borders I ever set foot in (the novelty of visiting that store was part of what kept me entertained when I was working in Melbourne).

Shortly after we’d been to the library, had our lunch, and looked at a couple of other shops, my son and I went into the Borders — it, along with the other stores to be closed, are open while the administrators try to wring every last dollar out of them. There were people everywhere, picking over the remains of the stock. How ironic that the busiest many stores are is their last days of trade.

It was pretty depressing: many shelves were bare, even a couple of complete sections had been abandoned (and were being used as impromptu play areas by kids bored by their parents’ sudden interest in books). Because all the stock was 50% off, people seemed to be treating it as having 50% less value — books were being disdainfully rummaged through, in a similar way to how a pile of laundry gets treated when you’re looking for that one lost sock.

I looked at the remnants of the computer books area, and was quickly reminded why I haven’t bought a tech book from Borders for years. I saw an O’Reilly title, one which I wasn’t sure I had, and the price on it was almost $100. When I got home I checked and I did have it: bought via Amazon at a price, even including shipping (and an exchange rate at the time that was nowhere near as attractive as it is now), that was less than even the Borders administrators 50% discount would have yielded. Nevertheless, I did take a few books to the register — not technical books, rather some light stuff in the vein of Richard Hammond’s “As You Do”.

The final depressing twist came as we left the store. I got a partial smile from the cashier when I placed my purchases on the counter for payment, but by the time she’d handed the bag to me her look was more “enjoy your books and your discount, I’ll be jobless in a few days”.

From the safe and insular confines of a blog, it’s easy to rant about bookstores and big publishing companies that try to ignore the international market and continue pricing domestically as if the Internet doesn’t exist and it really does cost a fortune to ship books to a tiny place like Australia. It’s a different matter when that bookstore you used to love going to can’t afford to keep the lights on any more.

But then, as I was thinking of how to wrap this post, the thought occurred to me… what kind of place would be good for someone who likes looking at books but never buys them…

Sometimes when I’d go to Borders I’d get quietly mad at the people who’d sit themselves in the comfy chairs and read the books for hours and hours. What did they think Borders was… a library? It was a library — the problem was, in their kind of library you had to buy the books instead of borrowing them.

I’ve got a feeling that the initial success of Borders was driven by the same enthusiasm for libraries that my son showed me today. We all remembered this incredible place where there were thousands of books, and we could pick them up, turn their pages… and read a bit of them, then put them back. And to the eventual demise of Borders, that’s what we all did.

So to anyone thinking “now that Borders is going, I’ve got nowhere to read a good book” I say “find your local library!” And to any passing librarians I say “I hear there’s some books hitting the market cheap, might be a chance to build the collection because you never know when traffic might pick up”.

I did a bit of playing with IPv6 over the years, but it was too early and too broken when I did (by “too broken” I refer to the immaturity of dual-stack implementations and the lack of anything actually reachable on the IPv6 net).  However, with the bell of IPv4 exhaustion tolling, I had another go.

Freenet6, who now goes alternatively as gogonet or gogo6, was my first point-of-call.  I had looked at Gogo6 most recently, and still had an account.  It was just a matter of deciding whether or not I needed to make a new account (hint: I did) and reconfiguring the gw6c process on my router box.  Easy-as, I had a tunnel — better still, my IPv6-capable systems on the LAN also had connectivity thanks to radvd.  From Firefox (and Safari, and Chrome) on the Mac I could score both 10/10 scores on http://test-ipv6.com!

My joy was short-lived, however.  gw6c was proving to be about as stable as a one-legged tripod, and not only that Gogo6 had changed the address range they allocated me.  That wouldn’t be too bad, except that all my IPv6-capable systems still had the old address and were trying to use that — looks like IPv6 auto-configuration doesn’t un-configure an address that’s no longer valid (at least by default).  I started to look for possible alternatives.

Like many who’ve looked at IPv6 I had come across Hurricane Electric — in the countdown to IPv4 exhaustion I used their iOS app “ByeBye v4″.  They offer free v6-over-v4 tunneling, and the configuration in Gentoo is very simple.  I also get a static allocation of an IPv6 address range that I can see in the web interface.  The only downside I can see is that I had to nominate which of their locations I wanted to terminate my tunnel; they have no presence in Australia, the geographically-nearest location being Singapore.  I went for Los Angeles, thinking that would probably be closest network-wise.  The performance has been quite good, and it has been quite reliable (although I do need to set up some kind of monitoring over the link, since everything that can talk IPv6 is now doing so).

In typical style, after I’d set up a stable tunnel and got everything working, I decided to learn more about what I’d done.  What is IPv6 anyways?  Is there substance to the anecdotes flying around that are saying that “every blade of grass on the planet can have an IPv6 address” and similar?  Well, a 128-bit address provides for an enormous range of addresses.  The ZFS guys are on the same track — ZFS uses 128-bit counters for blocks and inodes, and there have been ridiculous statements made about how much data could theoretically be stored in a filesystem that uses 128-bit block counters.  To quote the Hitchhiker’s Guide to the Galaxy:

Space is big. Really big. You just won’t believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it’s a long way down the road to the chemist’s, but that’s just peanuts to space.

The Guide, The Hitchhiker’s Guide To The Galaxy, Douglas Adams, Pan Books 1979

Substitute IPv6 (or ZFS) for space.  To try and put into context just how big the IPv6 address range is, let’s use an example: the smallest common subnetwork.

When IPv4 was first developed, there were three address classes, named, somewhat unimaginatively, A B and C.  Class A was all the networks from 1.x.x.x to 127.x.x.x, and each had about 16 million addresses.  Class B was all the networks from 128.0.x.x to 191.255.x.x, each network with 65 534 usable addresses.  Class C went from 192.0.0.x to 223.255.255.x, and each had 254 usable addresses.  Other areas, such as 0.x.x.x and the networks after 224.x.x.x, have been reserved.  So, in the early days, the smallest network of hosts you could have was a network of 254 hosts.  After a while IP introduced something called Classless Inter-Domain Routing (CIDR) which meant that the fixed boundaries of the classes were eliminated and it became possible to “subnet” or “supernet” networks — divide or combine the networks to make networks that were just the right size for the number of hosts in the network (and, with careful planning, could be grown or shrunk as plans changed).  With CIDR, since the size of the network was now variable, addresses had to be written with the subnet mask — a format known as “CIDR notation” came into use, where an address would have the number of bits written after the address like this: 192.168.1.42/24.

Fast-forward to today, with IPv6…  IPv4′s CIDR notation is used in IPv6 (mostly because the masks are so huge).  In IPv6, the smallest network that can be allocated is what is called a “/64″.  This means that out of the total 128-bit address range, 64 bits represent what network the address belongs to.  Let’s think about that for a second.  There are 32 bits in an IPv4 address — that means that the entire IPv4 Internet would fit in an IPv6 network with a /96 mask (128-32=96).  But the default smallest IPv6 subnet is /64 — the size of the existing IPv4 Internet squared!

Wait a second though, it gets better…  When I got my account with Gogo6, they offered me up to a /56 mask — that’s a range that covers 256 /64s, or 256 Internet-squareds!  Better still, the Hurricane Electric tunnel-broker account gave me one /64 and one /48!  Sixty-five thousand networks, each the size of the IPv4 Internet squared! And how much did I pay for any of these allocations?  Nothing!

I can’t help but think that folks are repeating similar mistakes from the early days of IPv4.  A seemingly limitless address range (Vint said that 32 bits would be enough, right?) was given away in vast chunks.  In the early days of IPv4 we had networks with two or three hosts on them using up a Class C because of the limitations of addressing — in IPv6 we have LANs of maybe no more than a hundred or so machines taking up an entire /64 because of the way we designed auto-configuration.  IPv6 implementations now will be characterised not by how well their dual-stack implementations work, or how much more secure transactions have become thanks to the elimination of NAT, but by how much of the addressable range they are wasting.  So, is IPv6 just Same Sh*t, Different Millennium?

Like the early days of IPv4 though, things will surely change as IPv6 matures.  I guess I’m just hoping that the folks in charge are thinking about it, and not just high on the amount of space they have to play with now.  Because one day all those blades of grass will want their IP addresses, and the Internet had better be ready.

Update 16 May 2011: I just listened to Episode 297 of the Security Now program…  Steve Gibson relates some of his experience getting IPv6 allocation from his upstream providers (he says he got a /48).  In describing how much address space that is, he made the same point (about the “wasteful” allocation of IPv6).  At about 44:51, he starts talking about the current “sky is falling” attitude regarding IPv4, and states “you’d think, maybe they’d learn the lesson, and be a little more parsimonious with these IPs…”.  He goes on to give the impression that the 128-bit range of IPv6 is so big that there’s just no need to worry about it.  I hope you’re right, Steve!

Nerd Vittles linked to this blog, which alludes to the possibility of mobile carriers putting pressure on Nokia to remove “free” calling capability (i.e. VoIP) from their phones.  Within the comments on that blog post comes a link to a post on Nokia Conversations (I’ve never seen that site before, but it seems to simply be a bit of a PR site…).

“Charlie” from Nokia Conversations tries to spin the changes to Nokia’s SIP support.  Firstly, in what seems to be almost believable at first he says “no, the SIP stack is still there, in fact it is actually better in FP2 than previous versions”.  Apparently, the improvements meant that the integrated VoIP client had to be dropped because it wasn’t ready.  This explanation loses credibility, however, when you see that Charlie’s blog post was made on 27 August 2008: nearly one year ago! And folks are still commenting on that thread, saying “where’s my VoIP client?”.  I cannot believe that it would take Nokia a full year to update the VoIP client and package a firmware update for these phones–especially given that two other S60 3rd-ed FP2 phones released after the N78 and N96, namely the N79 and N85, apparently do have the VoIP client!

On 8 December 2008, Charlie posts a follow-up on Nokia Conversations.  In it he says “well we made some folks unhappy, but we’ve made a fix”.  He points to something called the “SIP VoIP Settings” application that was supposed to bring back what people were asking for.  Problem is, it’s not a VoIP client at all: it’s simply a configuration tool allowing more detailed control over the configuration of a SIP profile.

In the final insult it appears that the new N97, Nokia’s current flagship also has no VoIP client.  The N97 is based on S60 5th edition and not 3rd edition, but 5th is supposedly just 3rd updated for touch-screen anyway (not a significant change in technology).

Looking more closely at the specifications pages for these N-series phones, the tiny-tiny text that says “VoIP” is missing.  It’s probably arguable therefore that Nokia never advertised the phones as having VoIP capability[1], so anyone who bought one without checking has created their own situation.  However, Nokia, why is the “upgrade” to the N95 missing one of that phone’s most popular features?

At one point Nokia’s story changes… it seems that VoIP is a function that doesn’t fit the product direction of N-series and belongs in the E-series phones (indeed both the E75 and the soon-to-be-released E72, reportedly S60 3rd-ed FP2 phones, list VoIP capability).  Why, then, do other S60 3rd-ed FP2 phones like the N79 and N85 have VoIP?

This whole “affair” seems to have been handled really poorly by Nokia.  Firstly, claim a technical limitation.  When that fails (because you discover that your users actually know something about tech), claim that your third-party providers have developed a solution.  When it turns out that the third-party products are steamers that don’t even use the infrastructure your OS provides (something you didn’t know before either), claim that the product has been “realigned” and doesn’t service that market any more–while simultaneously marketing a product in the same series with the same technology that still has the disputed feature.

I must admit to being a lot less angry about this after researching this post than when I started it.  I’m more angry about the survey I completed earlier today when I visited the Nokia website–I was very complimentary about .  My shopping-slash-wish list just lost an item–not that I was seriously contemplating buying the N97, but it’s nice to have a technical reason not to buy it rather than the boring can’t-really-justify-it line.

[1] Of course it’s easy to make this statement based on what the product pages look like now…

S's and my respective creative sides are being adequately satisfied by the iLife suite on the Mac, but there are times when we need to get the pictures out of the silver tower and onto other media—on this occasion paper, for albums and so on. A large retailer here has part of their floor space in each store set aside for those photo printing kiosks, and I introduced S to the art of putting photos onto a USB stick so that she could print some photos when next she went there…

On her return from the shop, she reported that we hadn't successfully put the photos she wanted onto the stick. When she'd plugged the stick in, she'd found only less than half of the photos we'd stored there. Sure enough, when I plugged the stick in all the files were there safe and sound. Strange thing was I could find nothing in common about the files (uppercase/mixedcase filename, long or 8.3 filename, datestamp, etc) that would have yielded the number of photos that the kiosk had found on it.

Annoying, but life is too short to worry about it. After all, this same retailer was plastering adverts of their new web-based photo printing service… S could submit the photos online for printing and pick them up from the store later.

<sarcasm>This is where the fun really started.</sarcasm>

Their app is Flash-based but seems to have some Java involved as well. While it loaded quickly enough, the app portion of the web page had an incongruous grey background that just looked dodgy. S had to create an account and sign onto the site just to get this far though, which was a bit annoying.

The workflow seemed to be to create an album, upload pictures to the album, then select photos from the album for processing. Creating the album went fine, but when the upload function was selected there were no action buttons visible to complete the operation! S was using Safari, but Firefox made no difference.

Then I suggested she use her laptop, which runs Ubuntu 8.04. The situation actually seemed a bit better to start with, as instead of the upload function showing an embedded file selection dialog like it did on the Mac we got a "normal" GNOME file dialog box. However, only some of the photos showed again: this time, it was because they had hard-coded a non-modifiable filename filter for the dialog that was only picking lower-case file extensions!

Trying to work around this, I mounted the stick manually with different mount options. I succeeded in getting all but one of the files showing with a lowercase name, and a rename fixed that one. Back in the web page however, it still didn't like us: any file chosen from the dialog box resulted in a nonsensical error message followed by a "You have selected no files to upload" dialog.

S was beyond caring by this stage (she has a very low threshold for being stuffed around by technology). She went to Snapfish after a friend's recommendation, and found a well-designed and easy to use WEB site that required no downloads or other junk.

So why did this wind me up to the point of spending all this time blogging it? Because nowhere on Big-W's site is there any mention of browser or operating system compatibility. Not even a "we've tested only on Windows, Mac users may experience difficulty"[1]. Not a blessed thing. Their Help page has a single paragraph about trouble uploading, blaming "your IT Department" for "setting certain network properties that inhibit the upload tool from working".

I wonder if the developers of the app were just so blind to believe that their gunk would just work wherever it was run, or whether they really think that it's a Windows world. Of the two I hope it's the former.

So Snapfish gets a recommendation for being not just an application hosted on the web but a web application. They do good photos too!

[1] I never expect to see Linux mentioned on these things and get pleasantly surprised on the occasions it is; even if it says "Linux is not supported", someone there at least knows enough to mention it.

The problem is that Synergy and the VMware console don’t play well together (I could have sworn that when I first started using Synergy I had no trouble with it, but there are a few hits around that describe problems like I’ve now hit). The problems people are reporting are that keys like Shift and Ctrl are not passed to the VM (some described here and here).

My problem is slightly different: the screen of my Synergy client (the one that’s running VMware) locked while a VMware guest had focus. Now, the Shift and Ctrl keys are not picked up by gnome-screensaver to unlock the screen. Even the real keyboard attached directly via USB doesn’t work. Big problem, for the following reasons:

* Thanks to password strength rules enforced on the Linux build I use, my password now has a Shift-obtained punctuation character.
* I can’t switch to a virtual console, since that requires Ctrl (e.g. Ctrl-Alt-F1).

Okay, so the keyboard doesn’t work. This client machine just happens to be a tablet PC, and I had hacked gnome-screensaver (to display the onscreen keyboard to allow the screen to be unlocked in tablet mode). I grabbed the pen and tapped out my password, but it *still* didn’t work: even the output of the virtual keyboard gets the Shift modifier dropped. Hmm… Starting to fume now.

Never mind, I’ll connect via the network…

* Fedora does not start SSH by default (okay, yes, and I didn’t make sure it gets started after I’d finished the install).
* There is no remote desktop (VNC server, XDMCP) configured.
* The shiny web-based management interface on VMware Server 2.0 only listens on 127.0.0.1 (or is being blocked by the Fedora firewall).

So with no way to get access to the machine to try and fix it, a power-off is the only solution. Some readers are probably thinking “boo-hoo, diddums had to kill-switch his widdle poota, how tewwible,” but I hate having to do that; not because the system doesn’t recover, but it’s “problem resolution, Windows-style”.

Even though the real problem was between Synergy and VMware, I’m blaming the (perceived) need for security since without that I wouldn’t have a cryptic password that I can’t enter without Shift and a system I can’t administer over the network. Red Hat and Fedora doing everything in their power to ensure I don’t fall prey to nasty Internet fiends (rich analogies to governmental nannying, but that’s probably over-thinking things).

So in summary: Synergy is great, just as long as you’re not using VMware console and have a password with punctuation or uppercase… Remember to have your SSH or other network access enabled before you play!

Every so often I found that some random junk would show up in comments to my blog posts. When I saw it I’d just delete it, and it didn’t occur often so I didn’t really think much of it.

This was until I spied a comment that I actually needed to reply to, and found I couldn’t. I started looking at why the record number of the comment was so high, and found that my blog of little-more than 100 entries had become home to over 13000 items of blog-spam.

I blame myself, obviously, as the software I use had introduced spam-filtering techniques a couple of versions ago and I hadn’t kept up.

In cleaning up the garbage, behind the red mist of rage I saw at having my blog being violated so, I noted something interesting. The issue had been going on for some time, and I realised that in front of me, in my humble little blog, I had a snapshot of the evolution of blog-spam.

The early stuff was primitive, and easily identified by querying for the names of erectile dysfunction drugs and other medications. The later stuff was harder and harder to detect until I was virtually picking it record-by-record out of the database. Some of it made absolutely no point to me at all: strings of random alphabetics with not even a URL in sight; maybe this was a worm just looking for the kudos of a DOS.

The thought occurred to me that perhaps I should have kept it, in much the same way as someone I know keeps copies of PC viruses and worms in a little (hopefully isolated) folder. Then I realised two things:

* Preserving something, or putting it in a museum, gives it some legitimacy. I don’t want to legitimise blog-spam; and

* The art (if any) in blog-spam is in the code that generates it, not in the crap it leaves behind.

As for all the hits on my ClustrMap, I figure 80% are the spambots infecting the blog and about 19% are the poor folk that got drawn to my site as a result of the spam. I had been thinking of a different blog platform, perhaps this episode shows that I need something a little harder.

Of course another way to fight blog-spam is to get your network disconnected from the ‘Net, and my ever-so-unfriendly ISP went out of their way to do that for me this weekend. Unsolicited, of course, which is even better. On a Friday afternoon, too — better still, as if you do actually manage to get someone on the phone it’s too late for them to find anyone who can do anything about it (apparently).

Recommendations of a good ADSL ISP accepted: although keep it to yourself if your ISP’s called wwkjukhkkjlpuggh or qjkdfsdfaksjkulkfhg…

Some months ago I was in an IRC channel with a group of folks in the team I was working with at the time. The conversation had come around to green electricity, what deals our respective electricity companies were offering, and whether we were “doing the right thing” and selecting green energy.

I was a nay-sayer. “It’s a scam,” I railed. “Why should I pay extra for green power when the electricity companies know they should be doing that anyway?” The conversation turned to subsidies for installing solar power systems, and soon after that we actually got back to work.

Months later I recalled that conversation while listening to a podcast. The presenter was discussing climate change and the need for urgent action, whatever the cost. Which is when it hit me: green energy and it’s friends are like an early-adopter tax for a sustainable future.

In the early 90s, I remember models of the IBM ThinkPad would cost A$12k and more. Twelve THOUSAND dollars! Over time however, the developments in the technology have led to such remarkable improvements that a modern laptop can be had for a fraction of that amount, and projects like OLPC becoming viable. None of it wold have happened, however, if early-adopters had not backed the IBMs, Compaqs, and Toshibas (and the Osbornes before that, bless them) and supported the idea.

In 1978, when Mercedes-Benz first fitted ABS to the S-Class[1], I expect they would have wanted to make it at least an option on all their vehicles. That they didn’t, when the cost of doing so would have been astronomical, ensured that they were able to viably continue research and development on the technology and bring the cost down over time. Together with other car makers who progressively did the same, they ensured that even a modern $10k car can have access to such technology, but again it wouldn’t have happened if not for those S-Class buyers validating the idea and stumping-up the cash.

I’ve realised that businesses don’t have a conscience, and that the current economic model cannot reward a company for “knowing what it should be doing”. In quite a real way, companies need their customers to be their conscience by supporting those products that make a contribution to society, and rejecting products that are damaging or harmful. Longer-term, those companies that “get it” will thrive while those that don’t will fail.

So my consideration on things like green electricity changed to, simply, “can we afford to?”. Knowing that in around three months I’ll be meeting my second child (all going well), and becoming maudlin about the state of the world that a new person is being brought into (as new parents sometimes are wont to do), perhaps the question should be “can we afford NOT to?”…

[1] Other manufacturers fitted ABS systems to cars earlier than 1978, but they seemed to be one-off decisions that were inconsistently implemented or met with commercial failure. Mercedes-Benz, once the decision was made, stuck with it.

Odd whales

We're seeing a number of whales pop up around the site, especially on profile pages. We're aware of the issue and working on it now.

Update: site back up and mostly whale free.

Bizarre — but maybe if I was a more regular user it would make more sense.

Unfortunately my visibility of their problems started when they shut off their IM functionality — unfortunate because at around the same time I had done an upgrade of my Jabber server and blamed the upgrade for not being able to connect to Twitter. Hours of fruitless config checking and Googling finally led me to the aforementioned Twitter Status Blog and the news that IM had been disabled. Ever since then (two or three weeks ago) IM function has been the “number one priority to get restored”…

I’m not complaining. It’s a service I barely use, and one I’ve never paid for. I can appreciate people getting upset however; as someone who does have trouble keeping in touch with friends and family, if I had gotten more used to it I’m sure I’d be one of those complaining.

Doom-and-gloom time… Part of the flak Twitter has been copping is around the design of their systems (virtually no redundancy or scalability) — if this is systemic to Web 2.0 startups and the investors and venture-capitalists catch on, things could get ugly FAST. Are we set for a repeat of Dot-Bomb? Could Twitter be the first victim of an impending burst of the Web 2.0 bubble?

I hope it comes back. Twitter is a nice way to see what folks are doing, and it’s a reminder of the fact that there are people out there. Perhaps I’ll even make a bit more use of it, if it can get its IM groove back on. Good luck folks, and watch out for the whales…

Some things aren’t starting because of missing binaries in /usr, frustrating but probably recoverable. The network startup is totally clagged though, and I can’t even begin to work out how what happened… happened.

During bootup, at the time it tries to configure the network interface, I get streams of error messages about problems running the “ip” command. The error text is full of garbage that the init script is trying to parse as text configuration–it looks like a corrupted filesystem or a binary file.

I manually configured the network (not a trivial task in s390x, it must be said), and started to poke around. I got this when I logged in as root:

Last login: Sat Mar 15 12:48:36 2008
/usr/X11R6/bin/xauth: error while loading shared libraries: libXau.so.6: cannot open shared object file: No such file or directory
-bash: read: read error: 0: Is a directory
lxs0za01:~ #

Okay, so I won’t get funky X-based YaST.  No problem, I’ve spent more time in the ncurses-mode YaST anyway…

lxs0za01:~ # yast
warning: the ncurses frontend is installed but does not work
You need to install yast2-ncurses to use the YaST2 text mode interface
lxs0za01:~ #

WHAT!!! What the @#!$ happened there?!?!?

Okay, so I’ve calmed down about that, so I go looking for the problem with the network initialisation…

lxs0za01:~ # cd /etc/sysconfig/network
lxs0za01:/etc/sysconfig/network # ls -go ifcfg*
-rw-r–r– 1   141 2006-06-17 07:30 ifcfg-lo
lrwxrwxrwx 1    16 2008-03-15 02:23 ifcfg-qeth-bus-ccw-0.0.0f00 -> /lib64/ld-2.4.so
-rw-r–r– 1 27470 2006-06-17 07:30 ifcfg.template
lxs0za01:/etc/sysconfig/network #

Priceless. You can’t make this stuff up. I cannot for the life of me work out how this could possibly have happened. I guess I just blame it on a whacked-out filesystem and move along.

Okay, so both of these issues probably have extenuating circumstances unrelated to SLES or YaST… but it’s nice to have a vent now and then. I’ll write up something a bit fairer once I fix this b0rkedness.

My first stage in the process was to get OpenLDAP set up with the right config — but when I started it, slapd complained about an error in slapd.conf. The overlay I was trying to use, it claimed, was not found. I spent the next couple of hours trying to find additional packages, trying different things, reading doco, searching Google, to no avail. The overlay I want is missing from Red Hat’s build of OpenLDAP.

So “boo hoo”, you say, “just build from source”. Well, remember how I said I was forced into RHEL? The corollary to that is that I am only allowed to use exactly what the Shadowman ships on the DVD. No build-from-source, no other OSS, is allowed.

But what does any of this have to do with Microsoft?

In my research, I found the release notes for Red Hat Enterprise Linux 5. In it was the following text (highlighting mine):

OpenLDAP Server and Red Hat Directory Server
Red Hat Directory Server is an LDAP-based server that centralizes enterprise and network data into an OS-independent, network-based registry. It is set to replace OpenLDAP server components, which will be deprecated after Red Hat Enterprise Linux 5. For more information about Red Hat Directory Server, refer to http://www.redhat.com/software/rha/directory/.

You guessed it: Red Hat Directory Server is a pay-for product. So Red Hat’s setting a direction here: server platforms comprising only the base OS, and additional function provided through extra-cost modules — now where have we seen this before?

Does this now mean that on RHEL-next, in order to run a Samba server with an LDAP IDMAP backend, companies will have to pay for RDS? That won’t fly at my work: “we already have a corporate directory, we’re not paying for another” will the customer sayeth.

“Okay”, you say, “so don’t use Red Hat”. As far as I’m allowed (this is at my employer remember) the only other choice is SLES… from Novell… that organisation that felt the need to cross-licence with Microsoft to “protect” against undisclosed and unproven patent infringement.

(Note that this post is not about Novell-Microsoft, nor is their deal a reason not to use SLES in my opinion. The thought only popped into my head because I was already thinking about Microsoft as a result of the Red Hat thing with RDS.)

So it seems like the two biggest names in corporate Linux are marching to Microsoft’s drum. Have I misread something? Am I overreacting?

I have a service that Telstra calls “ISDN Home Highway”. Its original purpose was to give “broadband” Internet connectivity to places that were unable to get ADSL, but it was still a normal ISDN basic-rate phone service with a special NTU that included a modem (serial and USB attached) for data connectivity. Data calls to Bigpond (Telstra’s ISP division) were subsidised, and local phone calls were cheaper as well (AU$0.175 instead of the “normal” AU$0.25). The best bit though was actually the price: by the time you option up a normal PSTN line from Telstra with caller-id and other stuff you’re looking at something like AU$40 per month — Home Highway was AU$45 per month which includes both B-channels and two DIDs (so basically the equivalent of two phone lines, ISDN standard, for only a fraction more than one analogue line).

Like I said though, Telstra sent a letter last year advising that they were removing the ISDN Home Highway service. There’s this thing called “BigPond Broadband ADSL” that I could use instead of my ISDN service, apparently. It seems that they believe that the only reason people got ISDN Home was for Internet access, and now that ADSL is available in more places that ISDN shouldn’t be necessary any more.

There are a number of flaws in their reasoning, however, not the least of which is the fact that I had ISDN Home because it’s an ISDN voice service! If they had done a bit more homework, they’d know that we already have ADSL — there’s another service coming into the house, an analogue line that is there for the sole purpose of ADSL provision.

My alternatives were looking like replacing the ISDN Home service with an ISDN Business service. From Telstra’s point of view, it’s non-productive, as it defeats the purpose of them trying to get people off this “legacy” ISDN equipment — I just switch to a different type of service, forcing them to keep the ISDN gear. It just doesn’t make sense. Of course I could also switch to VoIP, but without number portability (yet) it’s a pain that I wasn’t looking forward to (not only that but my employer currently has a prohibition on work calls going over VoIP).

So why is this a positive dealing with Telstra? Because I got a phone call from a lass from Telstra this morning to ask me about whether I got the letter and how I felt about it. As I described my displeasure, she made attentive noises at me and took notes (well, she said she was taking notes). She said that they’ve only just started ringing people about it, and that there was a possibility that enough people making comments like mine might force a change.

It’s a positive thing right now because it’s the first time I’ve been given the impression that Telstra gives a stuff about a customer. It can’t be cheap to have people sitting, calling people, and potentially wearing abuse from people who they intend to displace. I never thought I’d say this, especially after the abhorrent BACk campaign (in which they tried to gain public support to fight against Optus in their bid to change a broadband access environment thet Telstra themselves created), but kudos to Telstra for at least asking the little guy what he thinks.

Let’s see if it ends positively though.

Our internal IM system was closed down for a while this week, and when it was restarted a number of us could not reconnect. It turns out that the IM servers had been set up to lock this particular client out. Nothing unusual about that really, as it has happened in the past with unsupported clients that stress the servers in unexpected ways.

What was different this time is that the client in question is part of a new “integrated communications” offering — a version of our e-mail client that has the IM client built-in. This product, which will be sent to-market quite soon (and therefore we will be expecting our customers to buy), has been locked out of our IM infrastructure. The further irony is that the part of the business that markets this software runs a “use what we make” initiative to get people to use development versions of their software in their day-to-day work.

The IM system in question is marketed as enterprise-grade — and in general it lives up to that, having to support a couple of hundred-thousand users at peak. What got me thinking though is that systems like MSN Messenger (or whatever it’s called now) and Yahoo! IM and AOL IM must be supporting millions of connections at a time with nary a blink.

So (if it wasn’t already) I’m knocking “enterprise-grade” off the top-spot of reliability rankings. Nowadays, the top spot surely goes to “Internet-grade”. I mean, just imagine the amount of traffic that must pour through Google Talk and Skype — these are systems that not only do text chat but voice and video as well — while our IM is still struggling with smilies and changing fonts. The trouble, in the case of my employer, is that the name of this IM service is synonymous with the concept of IM there. It doesn’t matter that even an open system like Jabber could scale better.

In my opinion, our software people need to take a look at what Google has done in taking XMPP/Jabber and creating Google Talk. Either that or the company needs to do what another prominent software company did and actually use one of the public IM systems (I cant remember which one they use, either YIM or AIM) as the corporate IM platform.

I feel for the developers of the new client, who I’m sure would love to have a stable environment to do a large-scale test on. Oh well.

I had problems with my MythTV frontend playing particular recordings; I eventually worked out that it was HD recordings it couldn’t manage (this helped me discover the switch to HD of a previously SD stream coming out of Ten).  I figured that a swap of hardware under the frontend would be nice, to get a better CPU platform and better output capability under it.  I went shopping at my local friendly poota-shop’s website, and came up with a couple of contenders.

Looking at their site (and at the ASUS site), most of the integrated-video boards I saw seemed to be using nVidia chips.  Confident I was going to be making a sound decision, I set off to the store and ended up leaving with an Asus M2A-VM HDMI under my arm.  The clincher was my need for a real S/PDIF output, which the M2A-VM board has on the little riser-card it uses to provide HDMI, S-Video and Component video out.

Some of you will already have seen my error.  :)

The nVidia board with HDMI I had seen on the ASUS site was the M2N-VM HDMI.  The M2A-VM HDMI is obviously an ATI chipset board.  In my quest for S/PDIF, to save myself a few bucks for a header adapter, I again shot myself in the foot with the ATI bullet.

Sure enough, I had huge problems getting the thing to work.  Frame rates in MythTV, no matter what I did, were abysmal.  I tried installing Mythbuntu again to see if later drivers would help (compared to those on the existing Knoppmyth R5F1 build I am running), to no avail[1].

I was considering lumping it, and sitting on it until things catch up and I can make it work, but I think I’ll just go back to the store and try and switch it for either the M2N-VM DVI (no S/PDIF) or M2N-VM DH (this has onboard S/PDIF but also costs an extra AU$40 thanks to all the WiFi and other guff it comes with).  Unfortunately the store doesn’t have the M2N-VM HDMI, which would let me keep the future capability for  a HDMI-capable display, but by the time I look at needing HDMI I’m likely to be needing to replace the thing again anyway.

To add insult to injury, when I put the old MythTV frontend box back I used a low profile case which meant I had to leave out the old nVidia FX5200 it was running off and go with the onboard Via graphics.  I had heard that some of the Via chips had MPEG2 smarts, and it seems to be true: this old box with what I thought was the crappy cheapo onboard graphics chip now seems to have no trouble with HD output to VGA.

Sigh.

[1] Apparently some victimsowners of the M2A-VM HDMI have had success downloading the very latest drivers directly from ATI rather than sticking with those provided by their distro.  If I get time to give that a run I’ll report.

For the record, I’m talking about Linux kernel-based virtualisation.  It wins my award for the Technology With The Worst Name Ever because if, like me, you go looking on your favourite search engine for issues with Linux kernel-based virtualisation, all you find is issues about keyboard-video-mouse switches.  This is because for the last fifteen years (at least), in the computer industry KVM has stood for keyboard-video-mouse (switch).

This is not your common-or-garden-variety case of acronym overloading, either, because many folk (myself included) still use a KVM.  Usually acronym overloading occurs when the acronym being overloaded has fallen from use and a new technology takes its place, or when an acronym is used to reference a little-known technology and a new usage of the acronym is unaware of the previous usage[1].

Here, KVM was already in heavy use, and I’m sure that none of the Linux kernel hackers could claim to being unaware of the term.  Yet they used it anyway.  And nothing in /usr/src/linux/Documentation explains why.

I’m sure there’ll be something out there about why they chose the name…  but in the meantime I’m left to find other reasons why KVM doesn’t seem to work on my system.  Which KVM do I mean?  Ah, that’s for me to know…  ;)

[1] RTP is an excellent example of this — it was already in use as Rapid Transit Protocol (a part of the APPN-HPR suite), but the VoIP folk never heard of APPN and used RTP for their Realtime Transfer Protocol.

In Australia, there is no evangelism of zSeries.  There’s an attitude bordering on arrogance that seems to say “we’re not going to explain zSeries to you; if you don’t know you want it already then you’re not worth it”.  At least that’s what it looks like to me.

I’m surrounded by people who think that all problems can be solved by installing an xSeries or pSeries machine.  Maybe some can be, but IMHO they’ll be replacing one set of problems with another (possibly greater) set.

Anyway, it’s nice to hear different stories — like a company whose IT costs went from 1.7% to 0.9% of sales by migrating their ENTIRE server farm (including about a dozen p690s) to a z990 running Linux.  Like a company that has placed 250 Linux server guests onto z/VM inside a year, freezing acquisition of new discrete servers.