system fault

Read this first


Day changed to 03 Feb 2015

17:05 < cgm> [root@silver cgm]# pacman -Syu

17:05 < cgm> :: Synchronizing package databases... cgm is up to date core is up to date extra is up to date community is up to date multilib is up to date

17:05 < cgm> :: Starting full system upgrade... there is nothing to do

17:05 < cgm> amazing

17:06 < cia> LOL LOL LOL

Continue reading →

seriously, OpenVZ? disable NAT by default ?

 right now experiencing a cartman-like feeling


 going with the flow

Being oncall over the weekend. Things went pretty quiet. No big events besides few silly attacks (which our WAF handled fair enough) and some data management quickies.

 taking decisions

Tuesday, 3 AM. I got the call. Went online, fixed the shit and now I was supposed to wait for OK signals. Since it was taking some time, I decided to apply some updates to one of my personal openvz servers. It seemed like the right time. So i fired it up…

[…] I totally noticed the message. It was there, in the console, staring at me. Some mumbling about conntrack being disabled by default from now on. And yet my sleepy brain decides to ignore it. It didn’t connect conntrack to nat and decided to act all newbie against my fate. Rebooting …

 the what-the-fuck moment

Big beast. It takes 5 minutes to boot all that shitty hardware

Continue reading →

optimized case insensitive string comparison algorithm

 Branch-free, loop-unrolled lower (upper) case transform algorithm for DNS labels

 In which I design by brute force an algorithm for case-insensitive string comparison 2 orders of magnitude faster than the classic one

The normal path one takes to lowercase a string is to test if the character is uppercase and add ‘a’
to it if so, while looping over the characters in the given string. A clean implementation may be
found in djbdns source code:

void case_lowerb(char *s,unsigned int len)
  unsigned char x;
  while (len > 0) {
    x = *s - 'A';
    if (x <= 'Z' - 'A') *s = x + 'a';

Basically, when serving a DNS request, you have to parse and test and eventually transform each character composing dns labels before looking up the record in the zones database. I find it too costly and I want to see if I can improve it somehow.

I am making the assumption that

Continue reading →